Alan  Westin  on 

j  Balancing  Customer 
Privacy  with 
Enterprise  Needs 

Page  66 

1 

Is  E-Procurement 
Right  for  You? 

The  Four  Critical 
Questions 

Page  58 


SUE  UNGER’S 


DRVNG 


CIO  Sue  Unger,  leaning  against 
the  new  Crossfire,  is  one  of  the 
few  top-level  American  executives 
who  survived  the  1998  merger  that 
created  DaimlerChrysler. 


LESSONS 

O  Get  a  Mentor 
©Major in  Finance 

©  Learn  the  Business  BetterThan  Anyone  Else 

How  DaimlerChrysler’s  CIO  Designed  a 
Career  and  Engineered  Her  Own  Success  page  48 


\  Questions  are  eve  »ry where.  I  isight 

i  '  i.  '  '  ^  ^ 


Making  important  decisions  is  your  job.  Delivering  the  insight  to  help  you  make  smarter  decisions  is  ours.  We  are 
Microsoft  Business  Solutions.  With  business  applications  and  services  from  financial  management  to  customer 


Custome: 


Ip  : 

Iph- 

'  '  .  -rr 

!  relationship  management,  we  have  the  experience  and  resources  to  help  you  succeed  in  an  ever-changing 
business  world.  To  learn  more,  visitmicrosoft.com/BusinessSolutions/lnsight  Software  for  the  Agile  Business. 


HBcrosott 

B 

Solutions 


I  AM  A  CISCO  7960G 
IP  PHONE. 


I  AM  MORE  TALK 
AND  LESS  WALK. 

I  HAVE  MORE  WAYS  OF  GETTING  PEOPLE  TALKING.  BUT  I  AM 
NOT  ALL  TALK.  I  AM  VOICE  AND  DATA,  BOTH  ON  THE  SAME  TEAM. 

I  HAVE  THE  POWER  TO  PUNCH  TIME  CLOCKS,  LISTEN  TO  EMAIL 
AND  SCHEDULE  APPOINTMENTS.  I  HAVE  THE  POWER  TO  SAVE 
VALUABLE  MILEAGE  ON  OFFICE  MOVES  AND  I.T.  STAFF  SHOES. 

I  AM  A  SECURE,  PINT-SIZED  PRODUCTIVITY  EXPERT  THAT  DELIVERS 
SUPER-SIZED  ROI.  I  AM  MORE  THAN  A  CISCO  7960G  IP  PHONE. 


1 


THIS  IS  THE  POWER  OF  THE  NETWORK.  HOW. 


cisco.com/convergencenow 


Cisco  Systems 


12003  Cisco  Systems,  loc  All  rights  reserved.  Cisco  7960G,  Cisco,  Cisco  Systems  and  the  Cisco  Systeois  logo  are  regist  ?rcd  trai'  mar/.s  ot  - ks  of  Cisco  Sv-j^oms,  .  .:/or  its 

in  the  U.S.  and  ceiiain  other  countries,  AM  oih’r  trademarks  mentioned  in  this  docii‘.-..it  orWeb  site  „r5  the  pro,  :  jf  '■■oil  r~st  '_--Q  ovyners.The  '>se  r  :  the  .  '0''k  ,  ‘.^ner  does  n 
partne;sh-p  ‘^elailvioship  bef-.*-;"-=i  ''k;  'O  and  any  -rther  company. 


VOL.  16  •  NO.  17  •  JUNE  15.  2003 


Cover  Story 

CIO  of  DaimlerChrysler  I  48 

SUE  UNGER’S 

DRIVING 

LESSONS 

Sue  Unger  defied  the  odds  to  become  the  CIO  of 
an  automotive  giant  despite  her  gender  and  status 
as  a  technology  outsider.  Here’s  how  she  did  it. 

By  Christopher  Koch 


COVER  PHOTO  BY  JIM  FRENAK 


“There  always  has  to  be  a  solid  line  back  to  IT,”  says  DaimlerChrysler  CIO 
Sue  Unger  of  IT’s  reporting  structure.  “If  you  let  it  become  a  dotted  line, 
you  start  to  have  a  division  between  corporate  ITand  business  unit  IT.” 


Features 


E-PROCUREMENT 

How  to  Know  if  E-Procurement 

Is  Right  for  You  I  58 

While  some  companies  have  achieved  price  reductions  through 
online  sourcing,  the  focus  of  e-procurement  initiatives  today  is 
process  efficiency.  Here’s  how  to  decide  if,  what  and  how  you 
should  buy  electronically.  By  Malcolm  Wheatley 


“On  one  hand,  CIOs  want  to 
comply  with  government’s 
requests,”  says  Alan  Westin, 
professor  emeritus  at  Columbia 
University  and  a  leading  privacy 
expert.  "On  the  other  hand,  they 
ha  /e  to  worry  about  the  trust  of 
their  customers.” 


Q&A  I  ALAN  WESTIN  ON  PRIVACY 
Balancing  Act  I  66 

Alan  Westin,  who’s  been  studying  information  privacy  for  40  years, 
talks  about  the  CIO’s  tricky  role  in  protecting  corporate  data. 

ALIGNMENT  TACTICS 
6  Habits  of  Highly  Effective  CIOs  I  72 

For  top  CIOs,  alignment  is  not  a  goal.  It’s  a  way  of  life.  A  list  of 
tactics  that  you  should  adopt  as  your  own.  By  Todd  Datz 

ESSAY  I  FUTURE  ARCHITECTURE 
Unleashing  Killer  Architecture: 

The  Shape  of  Things  to  Come  I  80 

Larry  Downes,  coauthor  of  Unleashing  the  Killer  App,  decon¬ 
structs  the  new-order  IT  architecture  that  will  connect  tomorrow’s 
information  supply  chain. 

MORE  ►►► 


•  www.cio.com 


4 


CIO  JUNE  15,  2003 


Does  your  software  let  you  access  the  most  current  financial  information? 
Ours  does. 


When  you  need  critical  information,  you  need  it  now.  That's  why  more  and  more  financial  organizations 
are  turning  to  CleverPath7  Computer  Associates'  information  management  solutions.  CleverPath  lets  you 
find  data  immediately,  not  eventually.  And  it  provides  you  with  analysis  tools  to  help  predict  the  best 
course  of  action  for  the  future.  Best  of  all,  CleverPath  solutions  can  be  up  and  running  in  weeks,  not 
months.  To  find  out  more,  contact  us  today.  ca.com/cleverpathl 


CleverPath'"  Information  Management  Solutions 


Computer  Associates® 


O  2003  Computer  Associates  Intematkx^l.  Inc.  (CA).  All  rights  reserved. 


Columns 

MAKING  I.T.  WORK 
Big  Brother  I  38 

rr  systems  are  too  often  used  to  monitor 
and  punish  rather  than  recognize  and 
reward.  By  Michael  Schrage 

REAL  VALUE 

ROI’s  Secret  Ingredient  I  42 

Numbers  aren’t  everyTihing.  Don’t  underes¬ 
timate  the  importance  of  weaving  a  good 
story  into  your  business  case. 

By  Jack  Keen 


EMERGING  TECHNOLOGY  I  95 


Defensive  Postures 


A  new  class  of  security  technologies  called 
intrusion  prevention  systems,  or  IPSs, 
supplement  patches,  firewalls  and  other 
traditional  approaches  to  blocking  out  the 
bad  guys.  Many  IT  managers,  however,  are 
reluctant  to  trust  this  network-based  tool, 
fearing  that  IPS’s  false  alarms  will  shut  down 
legitimate  customer  connections. 

By  Dylan  Tweney 


REALITY  BYTES 

Looking  on  the  Sunny  Side  I  88 

Within  the  gloomy  clouds  of  economic 
malaise  gHtter  the  silver  linings  of  cheap 
thrills  and  tiny  triumphs. 

By  Megan  Santosus 

Sections 

TRENDLINES  I  20 

A  rash  of  IT  failures;  It’s  a  portal  world; 
rr  summer  camps.  And  more 


OFF  THE  SHELF  I  24 

From  Airline  Reservations  to  Sonic  the 
Hedgehog:  A  History  of  the  Software 
Industry',  Book  Talk;  CIO  Best-Sellers 
WASHINGTON  WATCH  1  30 
On  IT  regs,  it’s  CIOs  versus  consultants. 

EMERGING  TECHNOLOGY  I  95 

Intrusion  prevention  systems  offer  the 
latest  countermeasures  in  the  war  against 
hackers,  worms  and  viruses. 

By  Dylan  Tweney 

UNDER  DEVELOPMENT  I  100 

One  superfast  data  transfer. 


In  Every  Issue 

INBOX  I  12 

Reader  feedback 

INDEX  I  102 

EXECUTIVE  SUMMARY  I  104 

Abstraas  of  all  the  feature  stories  foimd 
in  this  issue. 


“We  betray  our  understanding  and  respect  for 
human  nature  by  not  coming  up  with  as  many 
ways  to  reward  our  employees  as  we  do  ways 
to  trap  them.” 

-Michael  Schrage,  CIO  columnist,  on  employee  monitoring  Page  38 


6 


CIO  JUNE  15.  2003  •  www.cio.com 


SUN  FIRr  V60X 


THE  NEW  SUN  FIRE  "  V60X  SERVER: 

>  INTEL  XEON  PROCESSOR 

>  RUNS  SOLARIS'"  9  FOR  X86  OR  LINUX  OS 


THE  LOW  COST  MOVE  IS  ON 


©2003  Sun  Microsystems,  Inc.  All  rights  reserved.  Sun,  Sun  Microsystems,  the  Sun  logo,  Solaris  and  Sun  Fire  are  trademarks  or  registered  trademarks  of  Sun  Microsystems,  Inc.  in  the  United  States  and  other  countries.  All  other  trademarks  are  property  of  their  respective  owners. 


TV 


y 

/ 


-f-  -  V  ■■■  T“  '  .  ,  .  . 

v'Vi  . : 


/ 


/ 


Value  Management 
Business  Intelligence  &  Analytic^ 
-  IT  Portfolio  Management 


U 


H' 


Application  Outsourcing 


L.. 


Content  Management 

©ClX'X 

IT  Effectiveness 


:r 


□ 

D 

□ 

D 

□ 

D 

ROlA/alue  Management 


r 


-.uV- 


•-  >  ‘  -.It’ 


Build  more  business  value  into  your  IT  investments 


With  mounting  profit  pressures  and  demands  for  cost  control,  every  investment  must  produce  rapid  and  predictable 
business  value.  As  the  world’s  third  largest  IT  company,  Fujitsu  can  show  you  how  to  improve  your  return  on  IT.  Our 
experienced  consultants  will  align  your  technology  with  your  business  strategy  for  improved  performance.  And  our 
I  Tterprise  value  management,  application  outsourcing  and  IT  effectiveness  experience  can  help  maximize  the  value 
t  )m  IT  while  reducing  total  IT  costs  up  to  30%  in  three  years.  Along  with  the  right  blueprint,  a  solid  infrastructure 


f<  ms  the  foundation  for  business  effectiveness.  By  eliminating  “server  sprawl’’  our  exceptionally  reliable  and  scalable 
I  servers  will  lower  TCO  and  improve  productivity.  For  free  white  papers  showing  how  to  maximize  your  Return 
On  -T,  visit  us.fuiitsu.com/ROIT.  Working  together,  we  can  accomplish  anything. 


illlllll  iiiiiiiiiiii  iiiiiii  IP'  ■  I  III  ■■mil  I  mil 


Fujfrsu 

THE  POSSIBILITIES  ARE  INFINITE 

us.fujitsu.com 


TlTTTnTU. 


i  , 


IT 


Infrastructure  Solutior^ 


High-Availability  Servers 


IV^ission  Critical  Managed  Servic 

(  I 

i 

f  I 

Res<!)urce  Optimization  Sol 


NAVIGATING  THE  SITE 

More  for  You  Online:  www.cio.coni/claiiy 

The  online  version  of  the  issue  in  your  hands  contains  more  resources 
and  information  on  the  need-to-know  subjects  covered  here,  such  as 
e-procurement,  information  privacy  and  alignment.  Look  for  the  Learn 
More  boxes  with  each  feature  for  links  to  pertinent  stories  from  C/0,  sister  publications 
CSC  and  Darwinmag.com  as  well  as  IDG  partners  such  as  Computerworld  and  Network 
World.  To  get  you  quickly  where  you  want  to  be  on  our  website,  we’ve  created  a  new  page: 
www.cio.com/daily.  Check  it  out.  -Art  Jahnke,  Web  Editorial  Director 


Our  Daily  Web 

MONDAY  Tech  Tact 

Technology  Editor  Christopher 
Lindquist  covers  what’s  coming. 

TUESDAY  Alarmed 

Security  experts  Sarah  D.  Scalet 
and  Scott  Berinato  give  you 
something  new  to  worry  about. 

WEDNESDAY  Metrics 

Web  Writer  Jon  Surmacz  makes 
sense  of  the  numbers. 


INTERACTIVE 

>Tealures 


THURSDAY  Sound  Off 

Web  Editorial  Director  Art  Jahnke 
opines  on  managerial,  political 
and  ethical  dilemmas. 


from  June  15  to  June  30 


ASK  THE  SOURCE 

Tell  Larry  Downes 
What  You  Think 

Consultant,  author,  business  pundit  Larry 
Downes  says  we  should  brace  ourselves  for  a 
large-scale  shift  in  computing  architecture  (see 
Unleashing  Killer  Architecture,  Page  80). 

Expect  plenty  of  trauma.  Prepare  to  make  more 
investments  in  infrastructure,  rethink  some 
applications  and  gear  up  for  a  major  transfor¬ 
mation  of  your  IT  skills.  Through  July  3,  tell 
Downes  what  you  think— or  ask  him  to  explain 
himself  further.  Go  to  www.cio.com/ask. 

LEARN  MORE 

Does  Washington  Listen? 

When  the  government  is  proposing  regulations  that  affect  your  technology, 
you  certainly  hope  so  (see  Washington  Watch:  On  IT  Regs,  It’s  CIOs  Versus 
Consultants,  Page  30).  Allan  Woods,  CIO  of  Mellon  Financial,  told  the 
Securities  and  Exchange  Commission  what  he  thought  of  a  proposed  data- 
recovery  objective  and  got  the  agency  to  amend  its  guidelines.  Read  what 
he  had  to  say  and  how  he  said  it.  Find  the  link  to  the  Washington  Watch 
online  page  from  www.cio.com/current. 


Larry  Downes 


FRIDAY  The  Big  Picture 

Charts  and  graphs  that  are  worth 
a  thousand  words. 

EVERY  WEEKDAY  The  News 

We  synthesize  the  top  IT  news 
stories  of  the  day. 


Add  a  Comment 

Sue  Linger  left  finance  for  IT 
(see  Driving  Lessons,  Page  48). 
How  did  she  do  it?  Michael 
Schrage  says  you’re  using  IT 
systems  as  a  stick,  not  a  carrot 
(see  Making  IT  Work:  Big  Brother, 
Page  38).  So,  are  you?  Malcolm 
Wheatley  tel  Is  you  How  to  Know 
if  E-Procurement  Is  Right  for  You 
(see  Page  58).  Is  it?  Megan 
Santosus  tries  to  find  the  silver 
lining  (see  Reality  Bytes:  Looking 
on  the  Sunny  Side,  Page  88). 
Share  your  opinions  and  advice 
on  these  and  any  other  column  or 
feature  story.  Just  scroll  to  the 
bottom  of  the  online  version  of  the 
piece  to  Add  a  Comment. 


Find  links  to  the  stories  mentioned  on  this  page  at  www.cio.com/daily. 


10  CIO  JUNE  15,  2003  •  www.cio.com 


mmm 


-i  r-  :  -.^^.f^v' 


rw>if5 '  - 


When  you  set  out  to  conquer  e-business  challenges,  success  or  failure  often  hinges 
on  your  technology  partner.  Consider  the  partner  that  4  out  of  5  FORTUNE  500'* 
connpanies  already  trust:  Sterling  Commerce.  With  a  25-year  track  record  of 
helping  businesses  successfully  improve  performance  and  operating  metrics, 
no  partner  is  more  dependable  or  more  knowledgeable. 


Integrating  existing  processes?  Developing  new  ones?  Building  entire  electronic 
trading  communities?  Look  to  us  for  dependable  software  and  services. 

It's  all  a  matter  of  confidence. 


J  Sterling  commerce 


www.sterlinqcommerce.com 


Dependable  technology  builds  confidence. 


©2002  Sterling  Commerce,  Inc.  ALL  RIGHTS  RESERVED.  Sterling  Commerce  and  the  Sterling  Commerce  logo  are  trademarks  of  Sterling  Commerce,  Inc. 
Sterling  Commerce  is  an  SBC  Communications  Inc.  company. 


:;v 

■■ 


InBox 

Reader  Feedback 


BETTER  OUTSOURCING  OPTIONS 


I  found  the  most  recent  outsourcing  article  [“Staff  Alert,”  May  1, 2003]  intriguing 
yet  irresponsible.  CIO  and  other  magazines  make  the  assumption  that  the  only 
way  to  cut  costs  is  to  use  an  offshore  company  in  India.  I  believe  there  are 
better  ways. 

There  are  organizations  in  the  process  of  setting  up  their  outsourcing 
models  in  Barbados,  Trinidad  and  Antigua.  These  countries  are  accessible 
via  direct  flights  from  JFK,  Miami  and  other  major  airports.  They  are 
also  able  to  build  better  teams  because  they  do  not  have  to  deal  with 
time  zone  issues.  Morale  increases,  since  employees  are  not  fearful 
of  traveling  to  the  countries  due  to  health-related  issues. 

Also,  when  CIOs  consider  new  legislation  regarding  homeland  security, 

HIPAA  and  the  ability  to  secure  confidential  information,  offshoring  to  India  and  more 
distant  countries  becomes  slightly  irresponsible. 

James  McGovern  •  AMr/7or  o/^Practical  Guide  to  Enterprise  Architecture  •  james@architectbook. 


ert 


com 


Editor’s  note:  CIO  has  never  assumed  or 
stated  that  India  is  the  only  offshore 
option  for  saving  money,  it  is  one  of  the 
most  popular  locations  among  many 
that  offer  various  advantages  and  dis¬ 
advantages.  We  highlight  these  in  “A 
Buyer’s  Guide  to  Offshore  Outsourcing,” 
Nov.  IS,  2002.  We  agree  that  security 
and  other  management  issues  need  to  be 
considered  in  the  value  equation  of  any 
offshore  initiative,  regardless  of  the 
country. 

BUSINESS  AND  PERSONAL 
ETHICS  ARE  CRITICAL 

I  just  wanted  to  tell  you  how  much  I 
enjoyed  your  Total  Leadership  column 
in  the  March  15,  2003,  issue.  Many 
businesses  undervalue  ethical  leadership. 

A  recruiter  recently  asked  me  what  I 
was  looking  for  in  a  company.  I  said  an 
ethical  management  team  was  critical. 
The  recruiter  actually  laughed  at  me  and 
told  me  that  I’d  never  find  a  job  if  that 
was  really  important  to  me.  Needless  to 
say,  I  didn’t  work  with  that  recruiter 
after  that. 


I  finally  ended  up  moving  from  a 
well-paying  job  with  a  market-leading 
company  to  join  a  startup.  Much  of  my 
decision  was  based  on  the  company’s 
leader;  one  of  those  rare  individuals  who 
has  business  and  personal  ethics  beyond 
reproach.  I’m  taking  a  big  risk,  but  I’ve 
never  been  happier. 

Sheila  M.  Droski 

sheila@trustednetworktech.  com 

PRAISE  FOR  BRINGING  I.T. 
BACK  HOME 

It  was  so  refreshing  to  read  your  article 
[“Bringing  IT  Back  Home,”  March  1, 
2003].  For  so  long,  all  we  heard  in  the 
industry  was  “everyone  needs  to  out¬ 
source.”  I  thought  we  were  the  only 
ones  doing  it  in-house. 

We  saved  considerable  time  by  bring¬ 
ing  our  marketing,  IT  and  printing  in- 
house.  In  the  first  year  alone,  we  saved 
thousands  of  dollars. 

Before  we  made  this  step,  we  had 
zero  ROI  for  everything.  Now,  the 
equipment  and  a  portion  of  the  man¬ 
power  pay  for  themselves. 


When  everyone  in  our  region  asked 
how  we  do  it,  we  replied,  “We  do  it  our¬ 
selves.”  Everyone  thought  we  were  crazy. 

Jeffrey  R.  Jarzabek,  IT  Director 
Matocha  Associates 
jjarzabek@matocha.com 

CLARIFICATION 

In  the  article,  “How  to  Apply  EVA  to  IT,” 
on  Page  94  in  the  Jan.  15,  2003,  issue, 
there  was  a  potentially  misleading  defi¬ 
nition  of  cost  of  capital.  The  description 
should  have  read:  “Yet  equity  capital 
isn’t  actually  free.  The  cost  of  equity  cap¬ 
ital  that  EVA  addresses  is  determined  by 
the  future  rate  of  return  an  investor 
would  require  before  investing  in  the 
company’s  stock.” 

WHAT  DO  YOU  THINK? 

Send  your  thoughts  and  feedback 
to  letters@cio.com.  Letters  may  be 
edited  for  length  or  clarity.  For  links 
to  all  articles  mentioned,  go  to 
tvww.  do.  com/printlinks. 


12  CIO  JUNE  15,  2003  •  www.cio.com 


INTRUDER 
ACCESS  DENIED. 


Your  notebook  computer  lets  you  work  nearly  anywhere.  But  what  happens  if  your 
sensitive  information  gets  into  the  wrong  hands?  3M™  Notebook  Privacy  Filters  hmit 
the  field  of  view  so  that  only  persons  sitting  directly  in  front  of  the  monitor  can  see 
on-screen  data.  Prying  eyes  on  either  side  just  see  a  dark  black  screen.  Available  in 
styles  and  sizes  to  fit  most  CRT  and  notebook  or  desktop  LCD  monitors. 


Vikuiti  “ 

Dltplay  Enhancement 


For  more  information: 
800-553-9215 

www.3M.com/computerfilters 


3M  Innovation 


©  3M  2003  3M,  Vikuiti  and  the  Vikuiti  “Eye”  symboi  are  trademarks  of  3M. 


©  2003  Microsoft  Corporation.  All  rights  reserved.  Microsoft,  SQL  Server.  Windows,  and  the  Windows  logo  are  either  registered  trademaNcar  trademarks  of  Microsoft  Corporation 
in  the  United  States  and/or  other  countries.  The  names  of  actual  companies  and  products  mentioned  herein  may  be  the  trademarks  of  their  respective  owners. 


Build  a  200-server 


Introducing  Microsoft  Windows  Server  2003.  Do  more  with  less 


You’re  being  asked  to  do  more.  You’re  being  asked  to  do  it  with  less.  Microsoft®  Windows®  Server  2003  is  designed 
to  help  you  manage  these  opposing  forces  with  powerful  server  consolidation  capabilities  that  increase  efficiency, 
decrease  man-hours,  and  lower  your  total  cost  of  ownership.  Get  your  free  evaluation  copy  of  Windows  Server  2003 


at  microsoft.eom/windowsserver2003  by  July  31,  2003.  Software  for  the  Agile  Business. 


Information  Resources,  Inc.  (IRI)  manages  over  122  terabytes  of  data  to  provide  consumer  behavior  insights,  advanced 
analytics,  and  decision  analysis  tools  for  some  of  the  largest  consumer  packaged  goods,  healthcare,  retail,  and  financial 
companies  in  the  world.  To  meet  increasing  demand  for  faster,  more  granular  business  intelligence  while  reducing  costs, 
IRI  is  using  64-bit  editions  of  Windows  Server  2003  and  SQL  Server"^  2000  on  an  Intel  Itanium  2  system  to  deliver  faster 
answers  to  its  customers.  The  result?  IRI  will  be  able  to  process  more  queries,  using  a  fraction  of  the  number  of  servers 
while  realizing  significant  cost  savings  and  improving  customer  service. 


infrastructure 


1 

1 

M 

pwS’ 

ifc  ' 

'''' 

.?  r 

3 

H^'> .  1 

.<  ■ 

.n  I 

|^\  1 

''  ' 

.  m 

The  Resource  for  Information  Executives 


President  Walter  Manninen 
Publisher  Gary  J.  Beach 
Editorial  Director  Lew  McCreary 

EDITORIAL 

Editor  in  Chief  Abbie  Lundberg 
Deputy  Editor  Richard  Pastore 
Managing  Editor  David  Rosenbaum 
Managing  Editor,  Production  Cheryl  R.  Asselin 

Executive  Editors  Alison  Bass,  Michael  Goldberg, 
Christopher  Koch  (Investigations) 

Leadership  and  Management  Editor  Edward  Prewitt, 
Opinion  and  Knowledge  Management  Editor  Megan 
Santosus,  Research  Editor  Lorraine  Cosgrove  Ware, 
Special  Projects  Editor  Mindy  Blodgett,  Technology 
Editor  Christopher  Lindquist 

Senior  Editors  Scott  Berinato,  Todd  Datz, 

Alice  Dragoon,  Elana  Varon  (B2B  E-Commerce) 

Features  Editor  Lafe  Low 

Senior  Writers  Meridith  Levinson  (B2C  E-Commerce), 
Stephanie  Overby,  Sarah  D.  Scalet  (Security  and  Privacy) 

Staff  Writer  Ben  Worthen 
Copy  Chief  Tom  Wailgum 

Asst.  Managing  Editor,  Production  Kathleen  S,  Carr 

Copy  Editors  Kelli  A.  Gauthier  (Assoc.), 

Emily  S.  Henderson,  Sarah  Johnson  (Assoc.) 

Special  Projects  Manager  Lynne  Z.  Rigolini 
Editorial  Resource  Manager  Carol  Zarrow 
Editorial  Assistants  Daniel  J.  Morgan,  Joe  Sullivan 

Contributors  Larry  Downes,  Grant  Gross,  Fred  Hapgood, 
Sharron  Kahn  Luttreil,  Jack  Keen,  Michael  Schrage, 

Dylan  Tweney,  Bob  Violino,  Malcolm  Wheatley 

Editorial  Operations  Specialist  Julie  Hanson 


DESIGN 

Executive  Director,  Art  and  Design  Mary  Lester 
Art  Directors  Hana  Barker,  Terri  Haas,  Lisa  Munroe 
Associate  Art  Director  Owen  Edwards 
Senior  Designers  Kaajai  S.  Asher,  George  Lee 
Designer  Alberto  Capolino 
Design  Operations  Specialist  Rachel  Barnett 

ONLINE  EDITORIAL 

Web  Editorial  Director  Art  Jahnke 
Consulting  Editor  Janice  Brand 
Web  Editor  Sandy  Kendall 
Web  Writer  Jon  Surmacz 

ONLINE  &  INFORMATION  SYSTEMS 

Chief  Information  Officer  Mark  Hall 

Online 

Senior  VP/General  Manager,  Online  Tim  Morgan 
Director,  CIO  Best  Practice  Exchange  Martha  Heller 
Senior  Editor,  CIO  Best  Practice  Exchange  Sari  Kalin 
Operations  Asst,  CIO  Best  Practice  Exchange  Lisa  Byron 
Online  Technology  Director  Dagmar  Eiben 
Senior  Web  Developer  Ellen  Morey 
Director  of  Online  Research  Kathleen  Kotwica 
E-Commerce  Manager  Andrew  Burrell 
Web  Developers  Diane  Chen,  Shannon  Macdonald 
Online  Content  Researcher  Tara  Gillet-Liloia 
Designer  Graham  White 

information  Systems 

Infrastructure  Manager  James  C.  Burgoyne 

User  Services  Manager  Ron  Bettencourt 
Senior  User  Services  Specialist  Michael  Fahlsing 
System  Administrator  Robert  Reagan 
Senior  User  Services  Specialist  Jonathan  Frappier 


Business  Development  VP  John  Amato 
Program  Operations  Manager  Brian  Fuce 
Marketing  Manager  Glede  Kabongo 
Marketing  Services  Coordinator  Andrea  Slobogan 
Event  Development  Specialist  Sandra  J.  Hughey 
Operations  Coordinator  Michael  Barbato 
Event  Planning  Manager  Amy  Turell 
Senior  Customer  Services  Coordinator  Sarah  Yee 

MARKETING 

Executive  VP/Marketing  Cathy  O’Leary  Hayes 
VP/News  and  Information  Susan  Watson 
Media  Relations  Manager  Karen  Fogerty 
News  and  Information  Associate  Lori  Piscatelli 
Marketing  Research  Director  Bridget  Cammarata 
Marketing  Research  Manager  Carolyn  Johnson 
Sr.  Marketing  Research  Analyst  Dylan  DiGregorio 
Marketing  Comm.  Director  Sue  Yanovitch 
Sr.  MarCom  Development  Specialist  Kari  Curto 
Marketing  Comm.  Associate  Sarah  Crowley 

ADMINISTRATION 

Manager  of  Finance  Margarita  Chiango 
Finance  and  Operations  Analyst  Chris  Bernard! 
Executive  Assistant  to  the  President  Diane  Martin 
Billing  Administrator  Joyce  Gillis 
Facilities  Specialist  John  Kelley 
Office  Services  Coordinator  Mary  E.  Wooldridge 

HUMAN  RESOURCES 

Human  Resources  Vice  President  Patricia  Chisholm 
Human  Resources  Manager  Tanya  Bureau 
Human  Resources  Representative  Beth  S.  Ramistella 


How  to  Reach  Us 

E-mail  letters@cio.com 
Phone  508  872-0080 
Fax  508  879-7784 

Address  CIO  Magazine,  CXO  Media  Inc., 

492  Old  Connecticut  Path,  P.O.  Box  9208, 

Framingham,  MA  01701-9208 

Website  www.cio.com 

Topic  Experts  www.cio.com/oniine_beats2.htmi 

Subscriber  Services  866  354-1125,  Fax  847  564-9453, 
E-mail  cio@omeda.com 

Rights  and  Permission  Andrew  Burrell  •  508  935-4785, 
E-mail  aburreii@cxo.com 


CIRCULATION 

Senior  VP/Circulation  Carol  A.  Spach 
Circulation  Director  Faith  Marcello 
Subscription  Svcs.  Supervisor  Tina  Pescaro 

PRODUCTION 

VP/Manufacturing  Chris  Cuoco 
Production  Manager  Lee  Tuttle 
Senior  Production  Coordinator  Lisa  Stevenson 


FOUNDER 

Joseph  L.  Levy 


INTERNATIONAL  DATA  GROUP 

CEO  Pat  Kenealy 

Board  Chairman  Patrick  J.  McGovern 


EXECUTIVE  PROGRAMS 

EP  Senior  Vice  President  Jennifer  Richards 
Conference  Management  Vice  President  Cynthia  Mollus 
Marketing  Services  Director  Shellie  Rapson  James 


wbpa 

T  INTERNATIONAL* 

©  CXO  Media  Inc. 


16  CIO  JUNE  15,  2003 


www.cio.com 


PAY 

TOLL 

SEBAN  YWAR.E* 


Once  you  started,  nothing  could  stop  you.  And,  as  usual,  nothing  did.  Yes,  your  “can  do”  spirit 
led  you  to  an  alternative  to  those  single-function,  network  color  printers:  multifunction  color 


printing  solutions  from  Canon,  the  leader  in  color  imaging  in  the  office.*  Color  imageRUlMlMER®  is  fully  connected  and  expands  your  capabilities 


across  your  network.  That  means  along  with  superior  image  quality,  you’ll  have  lower  operating  costs.  The  result:  a  faster,  better 
alternative  to  outsourcing,  plus  increased  productivity.  All  of  which  leads  to  bottom  line  savings  and  a  competitive  advantage  for  your  company. 
So,  now  you’re  going  places.  Yes,  thanks  to  Canon  know-how,  it’s  smooth  sailing  all  the  way.  1 -800-0K-CAN0N  www.usa.canon.com 

Canoti  is  a  registered  trademark  and  Canon  Know  How  is  a  trademark  of  Canon  Inc.  IMAGERUNNER  is  a  registered  iTadcmark  of  Cat\on  Inc.  in  the  U.S.  and  Canada.  IMAGEANYVVARE  is  a  service  mark  of  Canon  U.S.A.,  Inc.  ©2003  Canon  U.SA,  Inc.  “Source:  Gartner  Dataquest  2002. 


Canon  KNOW  HOW 


Advertising  Supplement 


With  Jim  Demetriades 


SeeBeyond  CEO  Explains  Why 
Everything  You  Knew  About  EAi 
Has  Just  Changed 


You’re  now  saying  ‘Everything  you  know 
about  enterprise  integration  has  just 
changed.’  How  exactly  has  EAI  evolved 
over  the  last  several  years? 

EAI  began  as  a  way  to  integrate  one  appli¬ 
cation  with  another,  enabling  data  integra¬ 
tion  and  synchronization.  It  then  evolved 
to  include  business-to-business  integration 
and  business  process  integration,  allowing 
companies  to  design  and  manage  multi- 
step  business  processes.  This  was  certainly 
an  advance  over  the  “spaghetti”  approach 
of  point-to-point  interfaces,  and  has  deliv¬ 
ered  a  lot  of  business  value  by  automating 
manual  processes  and  machine-to- 
machine  interactions. 

However,  this  broader  definition  of  EAI 
still  falls  short.  Achieving  the  vision  of  the 
real-time  enterprise  is  not  simply  a  matter 
of  automating  business  processes  between 
systems,  but  also  seamlessly  inserting 
human  interaction  into  the  processes  to 
handle  exceptions.  The  true  complexity  of 
business  processes,  and  the  highest  value, 
comes  from  handling  exceptions  well,  and 
to  end-users  should  be  undistinguishable 
from  other  enterprise  applications.  What 
businesses  need  is  a  way  to  quickly  assem¬ 
ble  and  deliver  new  enterprise-scale,  end- 
user  applications  built  by  assembling  exist¬ 
ing  business  systems  and  functionality  in 
new  ways.  This  is  where  our  latest  offering, 
the  SeeBeyond  Integrated  Composite 
Application  Network  (ICAN)  Suite  5.0, 
comes  into  play. 

Considering  that  integration  costs  are  a 
significant  part  of  software  installations, 
do  you  see  application  development  and 
integration  coming  together?  If  so,  how? 

Absolutely.  Today,  the  IT  infrastructure 
of  most  organizations  has  grown  into  a 
morass  of  disjointed  systems.  Tradition¬ 
ally,  application  development  and  integra¬ 
tion  have  been  completely  disparate  func¬ 
tions.  The  advent  of  the  integrated 
composite  application  network  changes  all 
that.  It  builds  upon  the  foundations  of 


both  application  development  and  inte¬ 
gration,  adding  the  benefit  of  human 
brainpower  in  building  composite  applica¬ 
tions.  Automation  is  extended  to  encom¬ 
pass  human  touch,  allowing  people  and 
systems  to  interact  synergistically  and  give 
business  users  a  deep  new  look  into  their 
organization  and  its  ecosystem. 

This  new  network  is  really  a  framework 
for  creating  new,  enterprise  applications 
from  existing  ones.  This  framework  is  now 
possible  thanks  to  the  convergence  of  several 
technology  and  business  trends,  including: 

•  the  sufficient  maturation  of  EAI; 

•  the  commoditization  of  application 
servers; 

•  the  adoption  and  maturation  of  open  stan¬ 
dards,  including  those  for  Web  services; 

•  the  widespread  acceptance  of  portal 
functionality; 

•  and  the  demand  from  customers  that 
vendors  solve  business  problems  cost- 
effectively,  preferably  by  leveraging 
existing  IT  assets. 

What  is  SeeBeyond’s  technology  strategy 
for  addressing  this  problem? 

Our  ICAN  Suite  5.0  provides  the  archi¬ 
tecture  and  tools  that,  for  the  first  time, 
enable  organizations  to  create  new  end- 
user  applications  assembled  using  existing 
business  logic,  functionality,  and  human 
intelligence  from  anywhere  in  an  organiza¬ 
tion’s  ecosystem.  The  prospective  business 
benefits  are  profound:  The  features  and 
capabilities  of  ICAN  5.0  hold  the  promise 
of  significantly  reducing  product  cycle 
times  and  the  cost  of  ongoing  mainte¬ 
nance,  while  greatly  improving  productivi¬ 
ty  through  unprecedented  ease-of-use  and 
support  for  open  standards. 

We  believe  that  the  ICAN  Suite  5.0 
fulfills  the  long-awaited  promise  of  mid¬ 
dleware.  It  also  is  the  latest  milestone  of 
SeeBeyond’s  1 4-year  vision  of  helping  cus¬ 
tomers  manage  the  flow  of  information 
across  all  systems,  applications  and  enter¬ 
prises  on  a  global  basis. 


What  is  SeeBeyond’s  competitive  advan¬ 
tage  in  this  space? 

First  and  foremost,  we  have  the  most  open 
and  comprehensive  set  of  integration  tools 
available  in  our  new  ICAN  Suite  5.0.  We 
have  an  installed  base  of  more  than  1,800 
customers  including  leading  Global  2000 
companies;  a  1 4-year  history  of  success; 
and  a  product  suite  written  by  a  team 
whose  senior  members  have  been  together 
for  more  than  a  decade.  SeeBeyond 
knows  what  eBusiness  and  application 
integration  can  do  today,  and  what  it 
must  do  in  the  future. 

As  a  company,  we  have  been  an  inno¬ 
vation  leader  since  the  birth  of  the  applica¬ 
tion  integration  industry.  We  introduced 
the  first  commercially  available  integration 
broker  in  1991;  the  first  fully-distributed 
integration  architecture  in  1999;  and  now, 
with  the  ICAN  5.0,  the  first  business  inte¬ 
gration  platform  built  on  an  open  frame¬ 
work,  including  a  J2EE-compliant  inte¬ 
gration  server  with  the  first  composite 
application  generator  based  on  an  open, 
services-oriented  architecture. 

“SeeBeyond  knows  what 
eBusiness  and  application 
integration  can  do  today,  and 
what  it  must  do  in  the  future.” 

In  business  terms,  the  goal  is  to  give 
managers  a  clear  idea  of  what’s  happening 
across  their  organizations,  and  the  flexibility 
to  improve  whatever  needs  to  be  improved. 

Any  final  words  of  wisdom  for  CIOs  when  it 
comes  to  making  an  integration  project 
succeed? 

Today,  enterprise  software  equals  business 
strategy.  That  means  CIOs  should  be  look¬ 
ing  for  solutions  that  possess  the  same 
attributes  as  good  business  strategy — name¬ 
ly  flexibility,  responsiveness,  and  cost-effec¬ 
tiveness.  In  the  integration  market,  CIOs 
should  seek  vendors  who  understand  that 
and  who  offer  solutions  that  allow  IT  orga¬ 
nizations  to  reach  across  the  traditional  bar¬ 
riers  of  application  development  and  inte¬ 
gration.  Ideally,  this  will  enable  CIOs  to 
create  their  future  on  the  success  of  their 
past,  without  investing  in  a  lot  of  new, 
expensive  and  hard-to-use  technology. 

SeeBeyond* 


-V 


X^4  V 
Vl-*<k 


Introducing  the  Integrated  Composite  Application  Network  (ICAN)  Suite  5.0 

from  SeeBeyond.  ICAN  provides  unprecedented  support  for  open  standards  such  as 
J2EE  and  Web  services.  And  it  is  a-comprehensive  platform  that  lets  you  quickly  create 
new  end-user  business  applications  by  assembling  business  logic  and  functionality 
from  the  information  systems  you  already  have,  With  ICAN  5.0,  your  IT  strategy  can 
finally  keep  up  with  your  business  strategy.  To  find  out  how,  contact  us  TODAY. 

Call  1-800-425-0541  orvisitwww.seebeyond.com/ican 


u  mm  1 

1 

'  IH  ' 

■-:«  ■ 

3 

1 


this  is  that 
it  doesn’t 
take  much 


ct 

health  care. 


-FRANK  CLARK. 
SENIOR  VP  AND  CIO. 
COVENANT  HEALTH 


Cto  JLrr^JE  15,  2003 


A'WW.CiO.COm 


A  Rash  of  IT  Failures 


himself  as  far  and  as  thin  as  he  possibly  can 
with  supply  chain,  asset  management  and 
other  projects.  “Our  [new]  application 
efforts  are  more  intense  than  ever;”  he  says. 

This  indeed  has  been  an  intense  six 
months  for  health-care  CIOs  in  general, 
judging  by  some  very  public  incidents  (see 
“Health-Care  System  Snafus,”  Page  22). 
Add  to  that  the  SQL  Slammer  virus  attack 
that  infected  the  six-hospital  Covenant 
Health  network  based  in  Knoxville,  Term., 
and  you’ve  got  an  infirmary  full  of  IT 
applications  and  infrastructures  needing 
attention.  Stat. 

“All  of  this  takes  on  an  added  sense  of 
urgency  in  our  industry.  It’s  more  than  an 
inconvenience  because  it  impacts  the  deliv¬ 
ery  of  care,”  says  Frank  Clark,  senior  vice 
president  and  CIO  of  Covenant  Health, 
who  watched  “the  insidious  Slammer;”  as 
he  calls  it,  take  over  his  network. 

It  took  only  two  minutes,  in  the  wee 
hours  of  a  Saturday  morning  in  January. 
After  bouncing  off  Covenant’s  firewalls,  the 
worm  later  struck  again.  This  time  it  bur¬ 
rowed  into  a  prescription  computer  system 
through  a  single  open  port  coimected  to  a 
trusted  technology  partner.  It  took  12  hours 
to  flush  the  worm  fi-om  Covenant’s  systems. 
The  six  hospitals  resorted  to  manual  care. 

“It  could  have  been  much  worse  if  it  had 
been  a  weekday,”  says  Clark,  who  tells  of 
the  Slammer  ordeal  in  an  e-mail  reacting  to 
Continued  on  Page  22 


JOHN  HALAMKA  remains  compulsive  about 
his  network  for  good  reason.  Having 
endured  one  of  the  worst  health-care  IT 
network  outages  ever  last  November  at 
Beth  Israel-Deaconess  Medical  Center;  the 
CIO  of  CareGroup  in  Boston  checks  his 
entire  network  each  night  from  home 
before  he  goes  to  bed.  He  does  it  again 
when  he  wakes  up. 


Since  that  network  outage  (see  “All  Sys¬ 
tems  Down”  at  wuw.cio.com/printlinks), 
Halamka  has  added  some  structure  to  the 
medical  center’s  networking  policies  and 
has  refreshed  some  of  the  staff’s  network 
management  skills.  But  other  than  that — 
and  a  Slammer  virus  network  infection  on 
Jan.  25 — ^Halamka  continues  to  pursue  new 
applications  for  patient  care,  and  spreads 


PHOTO  TOP  BY  JOHN  SOARES;  BOTTOM  BY  PATRICK  MURPHY  RACEY 


I 


1, 

ll 


Does  the  scalability  of  your 

Bl  TOOLS  STACK  UP? 


CALL  ACTUATE. 


y  RAINING  ALL  YOUR  CUSTOMERS 
WOULD  COST  MILLIONS. 


Information  accessibL^iA^ 


TO  TRAINED  POWER  USERS 


It  S  TIME  TO  FOLD 
YOUR  HAND  AND  RUN 


r 

r 

't 

-^ACTUATE 


I 


Enable  your  IT  Department  to  build  scalable  Information  Applications  that  give 

ALL  USERS  ACCESS  TO  THE  RIGHT  DATA-IN  A  FORM  THEY  CAN  ACT  ON  RIGHT  AWAY. 

Empower  your  entire  organization  with  a  solid  foundation  for  delivering  information: 
Actuate’s  Information  Application  Platform.  Using  Actuate  7,  your  IT  team  can  build 
dashboards,  enterprise  reporting,  and  other  Information  Applications  that  bring 
information  access  and  analysis  to  100%  of  your  organization.  All  in  forms  they  can 
use  to  take  the  right  action— like  Excel,  PDFs,  Web  pages,  and  more.  And  unlike 
business  intelligence  tools.  Actuate  7  empowers  everyone,  not  just  power  users, 
and  offers  the  lowest  TCO.  So  contact  Actuate  today  and  start  building  Information 
Applications  that  let  you  tower  above  the  competition:  1-800-914-2259. 

www.actuate.com/empower 


©  2003  Actuate  Corporation.  All  rights  reserved.  Actuate  is  a  registered  trademark  of  Actuate  Corporation. 


trendlines 


A  Rash  of  IT  Failures 

Continued  from  Page  20 

Halamka’s  story.  Clark  titles  the  missive  “Misery  loves  company.”  So  what’s 
going  on  here?  Are  these  incidents  just  plain  bad  luck,  or  are  we  seeing  symp¬ 
toms  of  a  larger  problem? 

“Health  care  has  taken  quite  a  rap  in  IT  investment  and  IT  leadership”  on 
a  national  level,  says  Elliot  Stone,  head  of  the  Massachusetts  Health  Data 
Consortium,  a  group  of  health-care  CIOs  in  the  state. 

Stone  says  these  CIOs  are  being  asked  to  use  technology  to  improve  care 
while  also  cutting  hospital  costs.  These  goals  may  conflict.  At  the  same  time, 
“we’re  talking  about  an  industry  that  clearly  has  constrained  financial 
resources”  to  begin  with.  Stone  says. 

Health-care  CIOs  must  navigate  a  complex  skein  of  regulations,  doctors,  hos¬ 
pitals,  clinics,  pharmacies,  patients  and  insurance  companies.  And  complex  are 
the  networks  that  connect  them  all. 

Covenant  Health’s  case  is  a  good  example  of  this  interdependence.  Clark’s 
infrastructure  nearly  stopped  Slammer.  The  partner  company  that  infected 
his  network  told  him  its  own  network  was  infected  by  yet  another  partner. 
Other  health-care  CIOs  Clark  knows  say  Slammer  slammed  them  when 
employees  accessed  networks  from  home.  The  trend  worries  Clark. 

“We  try  to  impress  on  people  that  outages  will  happen  if  this  continues,  but 
they  don’t  think  it  vdll  really  happen,”  he  says.  “What  you  learn  from  this  is  that 
it  doesn’t  take  much  to  affect  health  care.  We  were  exploited  by  one  little  vul¬ 
nerability  and  a  crude  virus  that  just  overwhelmed  everybody.”  Scott  Berinato 


Health-Care  System  Snafus 

Add  these  missteps  to  a  growing 
roster  of  computer  network  failures  in 
2002-2003 


■X*  Cigna’s  $1  billion  IT  overhaul  suffers  a  false  start, 
causing  the  health  insurer  to  acknowledge  cus¬ 
tomer  defections  in  October. 

Cedars-Sinai  Medical  Center  suspends  a 
computerized  physician  order  entry  deployment 
after  doctors  mutiny  in  January. 

A  March  power  outage  causes  Kaiser  Permanente 
software  to  misprint  labels  on  prescribed 
medications.  The  HMO  contacts  4,700  people 
to  verify  their  orders. 

A  new  laboratory  computer  system  overload 
at  Los  Angeles  County-USC  Medical  Center 

prompts  the  emergency  room  to  turn  away 
ambulances  in  April. 

SOURCES:  CIO  REPORTING.  KAISER  PERMANENTE. 

LOS  ANGELES  TIMES 


OUTSOURCING 

Offshore  in  Turbulent  Times 


THE  UNITED  STATES’ war 

on  terrorism  has  had  little 
effect  so  far  on  companies’ 
offshore  outsourcing  deci¬ 
sions,  but  CIOs  continue  to 
beef  up  business  continuity 
plans  for  their  offshore 
operations. 

Tandy  Gold,  a  former 
offshore  program  manager 
for  a  large  Northeast  bank 
and  founder  of  an  offshore 
interest  group  of  Fortune  100 
companies,  says  IT  execu¬ 
tives  are  monitoring  security 
very  closely.  But  for  the  most 
part,  it  still  is  business  as 
usual. 

“Experienced  offshore 
managers  will  tell  you  that 


9/11  happened  here,  not  in 
India.  So  the  days  of  associ¬ 
ating  safety  with  geography 
are  behind  us,”  Gold  says. 


The  key,  she  adds,  is  knowing 
up  front  how  to  manage  risk 
and  understanding  that  cities 
in  India  have  different  levels 


of  stability.  Most  large 
companies  “have  sophisti¬ 
cated  redundancies.  One 
financial  services  firm  has 
data  moved  regularly  in  three 
places  across  India  as  well  as 
another  three  in  Europe," 
she  says. 

Tensions  between  India 
and  Pakistan  caused  a  delay 
in  some  deals,  says  Meta 
Group  analyst  Dean  Davison, 
addingthat  the  conflict  forced 
some  offshore  vendors  to 
bolster  their  disaster  recovery 
plans.  That  could  happen 
again.  (Leaders  for  both 
nations  said  in  May  that  they 
would  improve  relations.) 

-Stephanie  Overby 


What  Expert&Say  CIOs  Should  Do 


►  Make  sure  that  offshore  providers  have  access  to  company 
networks  through  authorized  gateways,  but  limit  their  ability 
to  alter  data. 

►  Make  sure  your  vendor  has  tested  risk-mitigation  plans  in 
the  past  month. 

►  If  necessary,  renegotiate  contracts  to  accommodate  the 
changing  server  locations,  onshore  rates  and  backup  plans. 

►  Create  action  plans  and  cost  estimates  for  moving  some 
teams  onshore. 

►  Diversify  geographic  risk  (such  as  adding  vendors  with 
multiple  locations). 


2  2  CIO  JUNE  15.  2003 


www.cio.com 


'■*:  ■ 


-'^1^ 


•r^-^K- 

?^C 


“Because  of  our  ■ 

data  network,  we’re  able 
’■■^Ki'to  give  children  back  almost  a  year 

■  1*111  I 

Of  their  childhoods.” 


—  Chris  Card,  ceo 

Hillsborough  Kids 


Tan-oa.  Flonda 


“I  Started  as  a  caseworker.  You’d  take  a  kid  out  of  a  bad  home,  everything 
they  own  in  a  black  garbage  bag,  drive  them  someplace  new  and  strange.  Getting  them  to  a  safe  and  permanent 
home  would  take  years.  Cutting  that  time  in  half  depends  on  our  ability  to  access  and  move  data  from  different 
agencies  and  their  systems.  None  of  that  would  happen  if  our  network  wasn’t  reliable.  Our  data  solution  comes 
from  Verizon.  What  it’s  helped  us  do,  really,  is  give  these  kids  back  almost  a  year  of  their  childhoods.” 


How  can  Verizon  help  solve  your  data  needs? 
Visit  us  at  verizon.com/data 


ven7on 


Make  progress  everyday 


trendlines 


Off  the  Shelf 


Edited  by  Carol  Zarrow 


Making  History 

From  Airline  Reservations  to  Sonic  the 
Hedgehog:  A  History  of  the  Software 
Industry 

By  Martin  Campbell-Keily 
MIT  Press,  2003,  $29.95 

FROM  AIRLINE  RESERVATIONS  TO  SONIC 
THE  HEDGEHOG  is  the  first  history  of  the 
software  industry,  at  least  according  to  the 
book  jacket.  That  claim  seems  a  bit  sur¬ 
prising.  Software  is  a  high-profile  sector, 
accounting  for  more  than  $250  billion 
internationally  in  annual  revenue.  And  while 
the  industry  is  new,  it’s  not  that  new.  The 
clock  started  running  in  the  late  1950s  and 
early  1960s,  writes  Campbell-Kelly,  when 
the  U.S.  government  decided  to  fund  sev¬ 
eral  command  and  control  systems  for  the 
military.  One  might  reason  that  40  years 
should  have  been  plenty  of  time  for  some¬ 
one  to  write  a  comprehensive  history. 

A  cogent  history  needs  a  narrative  core, 
howeveg  and  as  the  author  points  out,  the 
software  industry  has  never  had  a  singu¬ 
lar  identity.  Almost  everything  about  the 
industry — applications,  pricing,  market¬ 
ing — is  determined  by  the  machine  and 
operating  system  on  which  the  software 
runs.  When  hardware  and  operating  sys- 


"What  I’ve  seen  happening  overtime 
is  that  project  management  tools  do 
a  lovely  job  of  mapping  the  known 
part  of  a  project's  future  and  say  darn 
little  about  all  the  things  that  might 
happen.  The  idea  that  we  can  graph 
our  way  to  success  is  an  illusion  and 
a  dangerous  one.” 

-From  a  CIO  Radio  (www.cio.com/radio) 
interview  with  Tom  DeMarco  and  Timothy  Lister, 
authors  of  Waltzing  with  Bears:  Managing  Risk 
on  Software  Projects  (Dorset  House,  2003) 


terns  change,  the  software  changes  as  well. 

So  CampbeU-Kelly’s  book  is  not  so  much 
a  history  of  a  single  industry  but  a  collection 
of  histories  that  chronicle  the  rise  of  several 
industries.  Despite  its  lack  of  continuity, 
however,  readers  will  see  a  progression  of 
sorts,  as  software  and  services  move  from 
being  capital  goods  (characterized  by  low 
sales,  high  prices  and  lots  of  after-sales  sup¬ 
port  costs)  to  consumer  goods  (with  high 
sales,  low  prices  and  fewer  after-sales  sup¬ 
port  costs).  Throughout  these  histories, 
common  themes  emerge,  such  as  the  power 
of  first-mover  advantage  and  the  doctrine  of 
increasing  returns  (each  copy  of  software 
sold  makes  it  easier  to  sell  the  next). 

A  third  theme  emerges  as  well,  and  this 
is  the  reason  why  this  book  fails  to 
produce  a  coherent  narrative:  Soft¬ 
ware  development  is  a  field  that  con¬ 
sumes  its  own  history.  Software 
succeeds  when  it’s  a  good  fit  for  the 
current  computing  environment. 
When  the  environment  changes,  the 
software  must  change  as  well.  Soft¬ 
ware  is  an  industry  that  lives  and  dies 
by  the  promise  of  the  new. 

The  newest  promises  in  comput¬ 
ing,  the  Internet  and  open  source,  are 
left  uncovered.  Campbell-Kelly  ends 
his  narrative  in  the  mid-’90s,  just  as 
those  twin  forces  are  emerging.  Iron¬ 
ically,  it  is  possible  that  the  historian 
has  bowed  out  just  as  HTTP,  XML 
and  networking  were  about  to  give 


CIO  Best-Seller  List 

5  The  Iron  Triangle:  Inside  the  Secret 
World  of  the  Carlyle  Group 

By  Dan  Briody 

John  Wiley  &  Sons,  2003 

4  Leadership 

By  Rudolph  W.  Giuliani 
Miramax  Books,  2002 

3  Execution:  The  Discipline  of  Getting 
Things  Done 

By  Larry  Bossidy  and  Ram  Charan 
Crown  Publishing  Group,  2002 

2  Primal  Leadership:  Realizing  the  Power 
of  Emotional  Intelligence 

By  Daniel  Goleman,  Richard  Boyatzis 
and  Annie  McKee 

Harvard  Business  School  Press,  2002 

IGood  to  Great:  Why  Some  Companies 
Make  the  Leap.. .and  Others  Don’t 

By  Jim  Collins 

HarperCollins  Publishers,  2001 


SOURCE:  DATA  FROM  FEB.  12,  2003.  TO  MAY  13.  2003. 
COMPILED  BY  POWELL'S  BOOKS,  PORTLAND.  ORE. 


the  industry  the  cohesiveness  required  for  a 
true  history.  It  is  a  great  loss  that  the  author 
didn’t  take  on  this  last,  tumultuous  decade. 

For  readers  who  do  “remember  when,” 
however,  this  book  is  a  good  read  and  a 
pleasant  reminder.  Here  again,  unearthed 
from  years  of  magazine  articles,  are  the  sto¬ 
ries  of  ADR,  CuUinet,  Computer  Vision  and 
dozens  more  companies  that  formed  a  gen¬ 
eration  of  technology  users,  made  them  their 
friends  and  filled  their  lives.  For  its  nostalgic 
value  alone,  this  one’s  a  keeper. 

-Fred  Hapgood 

cio.com  For  more  good  reads,  visit 
the  READING  ROOM  at  www.cio.com/ 
books  and  also  visit  the  BOOK  ROOM  at 
www.darwinmag.com/connect/books. 


24  CIO  JUNE  15,  2003  •  www.cio.com 


reach 

AVAyA 

a  higher  plane 
of  communication 


JETBLUE  AIRWAYS  has  a  secret 

weapon  in  the  airline  competition:  a  virtual 

reservations  center. 

As  in,  virtually  no  overhead  costs,  no 
unhappy  employees,  no  limits  to  growth. 

Because  JetBlue’s  600  agents  all  work 

from  home.  In  the  state  of  Avaya,  our 

contact  center  solution  lets  every  agent 
field  customer  inquiries  and  book 

reservations  in  real  time,  in  their  socks  if 

they  choose,  with  a  PC-based  soft  phone. 

Avaya  helped  JetBlue  get  off  the  ground 

with  $4  million  in  revenue  from  10,000 

reservations  its  first  week  alone.  See  how 

your  customer  relationships  can  take  off 

with  the  worldwide  leader  in  multimedia 

contact  centers  at  avaya.com/cc.  Or  call 

866-GO  AVAYA  today. 

IP  Telephony 

Contact 

Centers 

Unified  Communication  Services 

EVERY  JETBLUE  AIRWAYS  RESERVATIONS  AGENT 


work&  $r€m  home,  sweet  home  with 

THE  VIRTUAL  CONTACT  CENTER 


§rom  Avaya,  sweet  Avaya. 


©  2003.  Avaya  Inc.  All  Rights  Reserved. 
Avaya,  the  Avaya  Logo,  and  all  trademarks  identified  by  ®  or  ^  are 
trademarks  of  Avaya  Inc.  and  may  be  registered  in  certain  jurisdictions. 


I 

1 


Distribution  is  unaffected.  Can  you  see  it? 


his  is  on  demand  business.  Where  companies  embrace  the  unexpected.  Where  a 
network  of  locations  can  alter  processes  everywhere  at  once,  responding  instantly 
to  markets  or  weather.  Rerouting  shipments,  redirecting  workflow.  Never  missing  a 
beat.  On  demand  business.  Get  there  with  (g  business  on  demand™ 


ibitipcom/ondemand 


IBM,  the  e-business  logo  and  e-business  on  demand  are  registered  trademarks  or  trademarks  of  International  Business  Machines  Corporation  in  the  United  States 
and/or  other  countries.  ©2003  IBM  Corporation.  All  rights  reserved. 


r 


trendlines 


A  World  of  Portals 

No  longer  just  for  procurement,  portals  show  up  in  every 
industry  and  business  process.  Here  are  some  worth  noting. 


Go  To: 


http :/ /vw  .army  .mil 


Go  To:  [http ://wv  acushnotgolf  com 


Customer  Links 

THE  ACUSHNET  CO.’S  CUSTOMER  PORTAL  grew  organ¬ 
ically.  Two  years  ago,  the  golf  equipment  maker  created  a 
way  for  customers  to  check  order  status  and  get  product 
information. 

Since  then,  Peg  Nicholson,  Acushnet's  senior  vice 
president  and  CIO,  has  learned  that  a  portal  requires 
ongoing  care.  Now  that  about  3,500  of  Acush- 
net’s  11,000  customers  (pro  shops,  sporting 
goods  and  other  retailers)  use  the  portal 
to  Inquire  about  new  Cobra  clubs, 

Titleist  balls  and  FootJoy  shoes,  enter 
orders  and  pay  bills,  part  of  Nichol¬ 
son’s  job  is  to  keep  them  happy. 

That  means,  for  example,  offering  „ 


4S- 


users  of  the  password-protected  portal,  Acushnetgolf.com, 
a  price  break  on  a  new  Dell  PC.  Easier  product  returns  are 
on  tap.  Acushnet,  a  $1  billion  unit  of  Fortune  Brands,  imple¬ 
mented  Its  portal  using  Click  Commerce  software. 

Nicholson  says  the  biggest  challenge  in  building  Acush¬ 
net's  portal  was  reengineering  business  processes  to  get 
product  information  (price,  size,  brand)  into  the  company's 
systems  at  the  right  time.  With  the  portal,  Acushnet  has 
seen  service  calls  decrease;  many  customers 
use  the  system  after  hours.  Nicholson,  who 
declined  to  say  what  Acushnet  spent  on 
the  portal,  says  she  believes  it's  pay¬ 
ing  off.  She  adds,  "The  ROI  is  there  as 
you  get  more  and  more  customers 
on  board." 

-Megan  Santosus 


cm 


.tS' 


The  Biggest  Intranet 

DURING  THE  WAR  IN  IRAQ,  Gen.  Tommy  Franks  ordered  the  Army  to  cut  off 
access  to  commercial  Internet  services  such  as  AOL  and  MSN.  For  soldiers  who 
made  their  way  to  a  computer  to  send  e-mail  home,  that  left  one  option:  the  portal 
called  Army  Knowledge  Online,  or  AKO. 

The  Army  calls  AKO— a  portal  for  1.4  million  soldiers. 
National  Guard,  reserves,  retirees  and  civilian  staff— the 
largest  intranet.  It  provides  personalized  information  to 
soldiers,  such  as  their  medical  readiness  for  deployment. 

The  portal  “makes  for  one  less  thing  that  a  personnel  clerk 
has  to  do,"  says  Major  C.J.  Wellington,  AKO  team  leader  in 
the  Chief  Technology  Office.  About  98  percent  of  those  on 
active  duty  use  the  portal. 

To  sign  on,  users  log  in  at  the  Army’s  site  (www.army.mil}. 
There,  they  have  access  to  e-mail,  instant  messaging,  and  their 
personnel  records  and  training  information.  In  addition,  more  than  300  Army  organi¬ 
zations  maintain  communities  of  expertise  on  AKO,  such  as  equipment  manuals  for  an 
artillery  battalion.  Family  members  can  also  sign  up  for  guest  accounts. 

AKO  uses  a  J2EE  architecture  developed  by  Appian.  Wallington,  who  could  only 
say  that  the  Army  “went  through  a  lot  of  cash  and  has  more  than  recouped  the 
cost”  in  creating  AKO,  estimates  that  the  system’s  single  authentication  process 
alone  saves  the  Army  roughly  $200  million.  Usage  at  Army.mil  spiked  in  February 
2003  with  war  talk.  The  biggest  day  for  unique  user  log  ins:  125,000  on  March  25, 
2003.  On  that  day,  U.S.  troops  in  Iraq  encountered  heavy  fighting  in  southern  cities 
of  Nasiriyah  and  Najaf  as  sandstorms  raged  in  the  desert.  -Cheryl  Asselin 


T 


On  a  Screen 
Near  You 

Portal  implementations  cut  across 
industry  and  function 

'■»-'llllUJI|:IUIA 

The  Sperry-Marine  unit  at  Northrop 
Grumman  helps  workers  in  different 
locations  manage  RFPs  and  the 
subsequent  projects  through  a  portal 
running  on  software  from  Welcom. 

Toymaker  Kids  II  shares  new  product 
designs  with  25  plants  in  Asia  via  a 
portal  connected  to  its  Mapics  ERP 
system. 


^!ltrwr4.TJ!ff.T> 


The  General  Services  Administration 

has  developed  a  procurement  portal 
for  federal  agencies  using  Sybase 
software.  It  tracks  almost  1.5  million 
products  and  services  offered  by  more 
than  4,000  vendors. 


Tesco.com,  the  British  grocery  giant’s 
portal  for  Web  and  mobile  phone  con¬ 
sumers,  tailors  consumers’  shopping 
views  using  Autonomy  software. 


The  South  Carolina  Department  of 
Health  and  Human  Services  gives 
health  workers  at  150  offices  immedi¬ 
ate  access  to  Medicaid  benefits  data 
via  a  Novell-based  portal. 


NETWORK  MANAGEMENT 


IT  managers  at  Hong  Kong-based 

Mandarin  Oriental  Hotel  Group  moni¬ 
tor  its  global  computer  network  that 
supports  hotels  in  18  cities  through  a 
portal  application  run  by  InteQ. 


KNOWLEDGE  MANAGEMENT 


Drugmaker  Eli  Lilly's  corporate  portal 
categorizes  documents  that  make  up  a 
molecule  library  for  30,000  users.  The 
MyElvis  portal  integrates  Lotus  Notes 
with  software  from  Documentum, 
Plumtree  and  Semio. 


2  8 


CIO  JUNE  15,  2003 


www.cio.com 


PHOTO  TOP  BY  AP/WIDE  WORLD  PHOTOS:  BOTTOM  BY  GETTY  ONE 


He’s  concentrating  on  playing  brilliantly. 

Confident  that  the  string  section  is 
compatible  with  the  trumpets. 


r--:- 


4 


i 

t 

!  Imagine  communications  and  IT  systems  worked  just  like  orchestras. 

No  compatibility  problems.  No  security  issues.  Just  total  flexibility  and  great  performance. 

Business  IP  -  BT’s  Global  IP  Network  offers  just  this.  It  can  help  your  people  and  business  perform  together  beautifully. 
For  more  information  on  how  BT  can  help  bring  harmony  to  your  organization  contact  us 
on  l-800-3314568orwww.bt.com 

Creating  Complete  Business  Communications 


BT 


The  sefvices,  equipment  and  products  described  are  provided  subject  to  availability,  prior  sale  and  change  without  notice  and  no  part  of  this  publication  shall 
form  part  of  any  contract.  The  general  terms  and  conditions  of  BT  Americas,  Inc.  shall  apply.  All  trademarks  and  brand  names  used  are  registered. 

©  BT  Americas,  Inc.  2003  CIU-IT5 


trendlines 


Edited  by  Elana  Varon 


INFLUENCE 

On  IT  Regs,  It’s  CIOs 
Versus  Consultants 

ENSURING  THAT  A  COMPANY  is  able  to 
comply  with  governmental  regulations  is 
now  part  of  the  CIO  job.  It  is  also  one  of  the 
most  frustrating  parts.  For  example,  new 
security  regulations  for  the  Health  Insurance 
Portability  and  Accountability  Act  (HIPAA) 
are  full  of  page  after  page  of  “shoulds,” 
“needs”  and  “musts”  that  impact  corporate 
information  systems,  but  they  almost  never 
say  how  to  meet  the  letter  of  the  law. 

“The  government  just  says  you  have  to 
do  it,”  says  Rick  Skinnei;  vice  president  of 
information  services  and  CIO  of  Provi¬ 
dence  Health  System,  who  oversees  his 
company’s  HIPAA  compliance.  “There  is 
no  template.”  CIOs  are  often  left  with  this 
choice:  Guess  that  the  steps  they  are  taking 
toward  compliance  are  the  right  ones,  or 
(more  likely)  hire  expensive  consultants. 
But  CIOs  can  help  create  better  regulations 
if  they  are  willing  to  take  a  more  active 
role  in  policy-making. 

Many  regulatory  agencies  such  as  the 
Department  of  Health  and  Human  Ser¬ 
vices,  the  FCC,  the  FDA  and  the  SEC  have 
a  veneer  of  independence,  but  it’s  no  secret 
that  they’re  susceptible  to  political  pressure. 
In  the  case  of  regulations  that  affect  corpo¬ 
rate  FT,  the  high-tech  consulting  industry 
holds  sway.  According  to  the  Center  for 
Responsive  Politics,  a  campaign  finance 
watchdog  organization,  high-tech  compa¬ 
nies  and  the  accounting  industry  (which 
incorporates  many  top  IT  consultancies) 
donated  more  than  $36  million  to  2002 
political  candidates  and  causes.  These  dona- 

cio.com  To  see  an  example  of  how 

one  CIO  responded  to  a  proposed  govern¬ 
ment  policy,  go  to  www.cio.com/printlinks. 


tions  buy  access  to  lawmakers  who  dictate 
agencies’  budgets  and  often  their  policies. 

Lewis  Branscomb,  a  professor  at  Har¬ 
vard  University’s  Kennedy  School  of  Gov¬ 
ernment  who  ran  what  is  now  the  National 
Institute  of  Standards  and  Technology  from 
1969  to  1972,  says  it’s  an  unspoken  rule  in 
Washington  that  regulatory  agencies  keep 
consultants  who  operate  with  many  differ¬ 
ent  industries  in  mind.  Officials  from  the 
FDA,  DHHS  and  SEC  contacted  for  this 
story  wouldn’t  comment  on  the  record,  but 
they  say  privately  that  they  don’t  want  to 


force  companies  to  use  technology  that 
might  quickly  become  obsolete. 

Feedback  to  regulators  from  CIOs  (with 
the  corporate  counsel’s  blessing)  is  one  way 
to  make  a  difference.  Last  October;  Allan 
Woods,  CIO  of  Mellon  Financial,  told  the 
SEC  that  a  proposed  data-recovery  objec¬ 
tive  of  two  to  four  hours  following  a  major 
disaster  might  not  be  technically  attainable, 
but  that  eight  hours  was  a  fair  goal.  The 
SEC  subsequently  amended  its  guidelines  to 
recommend  such  problems  be  fixed  within 
one  business  day.  -Ben  Worthen 


SPAM 


Lawmakers  Get  Creative  to 
Fight  Unwanted  E-Mail 

CHARGING  SPAMMERS  WITH  RACKETEERING  CRIMES  and  rewarding  spam 
victims  with  a  financial  bounty  are  among  the  more  creative  solutions  proposed  by 
members  of  Congress  to  the  problem  of  unsolicited  e-mail. 

Legislation  from  Sen.  Bill  Nelson  (D-Fta.)  allowing  racketeering  charges  against 
spammers  would  enable  authorities  to  seize  the  spammers’  assets  and  let  private 
citizens  file  lawsuits  against  them.  Meanwhile,  Rep.  Zoe  Lofgren’s  bill  would  give  the 
first  person  who  reports  an  illegal  spammer  a  bounty  of  20  percent  of  the  fine  the 
Federal  Trade  Commission  eventually  imposes,  creating  the  potential  for  fines  of 
$100,000  and  rewards  of  $20,000  or  more. 

Nelson's  bill  addresses  criticisms  from  antispam  activists  (at  an  FTC  forum  in  May) 
that  proposals  like  Lofgren’s  do  not  provide  a  way  to  file  private  lawsuits  against  spam¬ 
mers.  Consumer  advocates  and  lawyers  say 
the  spam-fighting  problem  is  caused  not  by 
the  public  failing  to  report  spam  but  by  law 
enforcement  failing  to  act.  Lofgren  argues  that 
the  bounty  would  help  prosecutors  identify 
the  most  offensive  spammers  without 
expending  many  resources. 

Antispam  advocates  praise  another 
proposal  by  Sen.  Charles  Schumer  (D-N.Y.), 
who  wants  to  create  a  national  no-spam  list 
similar  to  Do  Not  Call  lists  used  to  discourage 
telemarketing.  Schumer’s  approach  would 
also  enable  private  suits  or  law  enforcement 
actions  against  spammers.  -Grant  Gross 


3  0  CIO  JUNE  15,  2003 


www.cio.com 


iiiiiii 


YOU’RE  CUTTING  COSTS, 
TRIMMING  STAFF  AND 


MAKING  DO  WITH  LESS. 


%Hri:::| 

•WMliiliin 


1^:;:  :•: 


•M 


h** 


gii* 


if*! 


ii!f 


•  i«! 


ig|g 


s*** 


i 


fs*! 


.«1«  N 


•■■! 


■»!!! 


iii** 


5 


S  igggi»* 

m  ...iiii 


gg 


gg 


gi 


gg 


TIBCO  is  the  leading  independent  easily-deployed 
integration  software  provider.  even  in  today's 


SO  HOW  ARE  YOU 
SUPPOSED  TO  GROW  REVENUE? 

The  answer  is  integration.  TIBCO  Software's 
proven  integration  solutions  will  help  your  company 
cut  costs  while  increasing  the  capability,  agility 
and  efficiency  of  your  business.  By  unifying  and 
optimizing  your  existing  assets — people,  processes 
and  legacy  systems — you  can  do  more  with  what 
you  already  have.  And  do  it  better. 

TIBCO  gives  you  the  benefits  of  real-time 
business,  getting  information  where  and  when 
it's  needed  and  coordinating  activities  end-to-end. 
You'll  automate  processes,  while  giving  people 
the  information  to  make  better  decisions  and  act 
more  quickly.  It's  what  we  call  The  Power  of  Now.™ 
Our  unbiased  approach,  proven  technology  and 
integration  solutions  will  help  you  grow  your  business 
difficult  environment. 


Delta  Air  Lines,  NASDAQ  and  Pirelli  are  among  more  than 
2,000  leading  companies  we've  helped  to  cut  costs  and  drive 
revenue.  Learn  how  we  can  help  your  company  do  more  with 
less.  Call  800-420-8450,  or  visit  us  at  www.tibco.com/cib 


I®  TIBCO 

The  Power  of  Now'“ 


I 


20u:)  •  I  rn  . . . 

trMkmurks  of  VERI'IAS 


served.  VERITA^PPA’ERlT/i^ 
i|tf^'ERITAS\.ogo  Reg..jU4!^ 


Nothing  upsets  executives  more  than  email  outage.  VERITAS 
Software  virtually  eliminates  Microsoft  Exchange  downtime. 

veritas.com 


\%  j 

[r  . 

/v 

1 -C* 

w/'- 

Si;-, 

ILLUSTRATIONS  BY  JULIETTE  BORDA 


trendlines 


Gather  Round  the  Screen,  Kids 


SUMMER  CAMP 


IN  THE  mid-1970s,  Fairfield  University  pro¬ 
fessor  Michael  Zabinski  won  grants  to  train 
high  school  teachers  to  integrate  computers 
into  their  curriculum.  The  experience  got 
him  thinking  about  ways  to  reach  children 
directly.  In  1978,  he  founded  the  nation’s 
first  computer  camp. 

For  two  weeks  that  first  summei;  a  group 
of  children,  mostly  10  to  14  year  olds,  gath¬ 
ered  in  a  small,  junior  high  school  class¬ 
room,  drawn  by  the  opportunity  to  get  their 
hands  on  something  most  kids  their  age  had 
seen  only  on  television.  They  learned  Basic, 
used  Wang  computers  and  stored  their  work 
on  audiocassettes.  “In  those  days,  the  super; 
super;  super  majority  of  kids  did  not  have  a 
computer  at  home  or  even  at  school,”  says 
Zabinski,  a  professor  of  physics  and  engi¬ 
neering.  “For  them,  it  was  the  mystique  that 
attracted  them  to  the  camp.” 

The  follovUng  year;  Zabinski  acquired  24 
Radio  Shack  TRS  80s,  some  with  floppy 
drives  5.25  inches  wide.  Now,  T^binski  runs 
five  National  Computer  Camps  around  the 
nation  where  campers  learn  Assembler, 
Basic,  C+-I-,  HTML,  Java,  JavaScript  and 
XML  on  their  pick  of  a  2GHz  PC  or  Mac. 

Since  those  days,  computer  camps  have 
sprung  up  across  the  country  like  Web  pop¬ 
up  ads.  Unlike  traditional  summer  camps. 


which  feature  rustic  cabins  by  a  lake,  com¬ 
puter  camps  are  typically  held  on  college 
campuses.  Campers  sleep  in  dorm  rooms. 
Swirnming,  if  offered,  takes  place  in  a  pool. 
Technology  immersion  is  the  goal. 

But  there  is  one  important  similarity 
between  computer  camps  and  their  more  tra¬ 
ditional  counterparts;  a  chance  to  forge  last¬ 
ing  friendships  with  kindred  spirits.  Children 
who  choose  to  spend  their  free  time  in  front 
of  a  computer  tend  not  to  be  the  outgoing 
class  president  or  star  athlete  type,  says  Corey 
Marx,  marketing  director  for  Seattle-based 
Cybercamps.  “For  a  lot  of  these  kids,  this  is 
a  place  to  meet  friends  who  have  similar 
interests,”  namely  a  passion  for  technology. 

Weekly  rates  for  computer  camps  range 
from  $600  for  day  camp  to  $1,200  for 
overnight  programs.  Kids  can  expect  to  learn 
Web  design  and  multimedia  gaming.  Some 
camps  offer  3-D  animation  and  robotics. 
Activities  might  include  Internet  scavenger 
hunts.  Some  camps  even  have  e-mail,  though 
it’s  not  always  encouraged. 

“Part  of  the  summer  camp  experience  is 
about  getting  over  homesickness,”  says 
Craig  Whiting,  owner  of  Emagination 
Computer  Camps.  “If  they’re  e-mailing 
their  parents,  it  will  only  prolong  that.” 

-Sharron  Kahn  Luttrell 


SECURITY  POLICY 

Close  That  App! 
Right  Now! 

WHEN  CIOs  let  employees  use  screen 
savers  to  display  family  photos  or  their 
kids’  artwork,  they’re  missing  a  valuable 
chance  to  spread  the  word  about  impor¬ 
tant  security  issues,  says  Russ  Mumford. 

“Companies  are  extremely  limited  in 
terms  of  resources,  especially  when  it 
comes  to  security,’’  says  Mumford.  presi¬ 
dent  of  Greenidea,  a  San  Francisco-based 
software  developer.  “There’s  a  resource  on 
every  PC  that  has  tremendous  potential 
for  communication.”  Greenidea’s  Visible 
Statement  software  replaces  screen  saver 
images  with  animations  that  contain 
customized  corporate  security  messages. 

Aldo  Neverez,  information  security 
policy  manager  at  California  Independent 
System  Operator  in  Folsom,  Calif.,  started 
using  Visible  Statement  in  1998.  “We 
wanted  to  help  keep  security  awareness 
at  the  forefront  of  our  employees’  minds," 


Neverez  says.  He  uses  Visible  Statement 
to  display  messages  on  20  topics  such  as 
password  security  and  antivirus  tips. 

An  enterprise  license  for  Visible 
Statement  starts  at  $795  and  includes 
four  animations.  Mumford  says  a  com¬ 
pany’s  security  awareness  campaign 
should  include  more  than  just  using 
Visible  Statement.  The  software  works 
best  in  conjunction  with  other  modes  of 
communication  such  as  posters,  e-mail 
alerts  and  voice-mail  messages. 

-Megan  Santosus 


www.cio.com 


JUNE  15.  2003  CIO  3  3 


i 


Confessions  of  the  World's  Most  Demanding  CIOs. 


"FedEx  is  global  in  a  big  way,  and  we  need  the  tools  to  manage  a 
network  that  reaches  every  corner  of  the  planet  — systems  to  monitor 
flights  to  over  200  countries,  track  nearly  6  million  packages  a  day  and 
power  fedex.com.  Total  control  is  critical.  Being  on  time  is  everything. 

"HP  prescribed  the  perfect  management  solution  using  HP  OpenView. 
Now  we  oversee  data  centers  in  far-flung  places,  all  from  key  central 
locations.  And  we  can  automate  workload  balancing  and  boost 
support  to  hotspots  before  problems  affect  customers— whatever  the 
hardware  or  platform. 

"This  lets  our  IT  personnel  focus  on  running  the  business  smoothly 
and  decreases  costs  in  a  major  way.  No  pun  intended,  but  HP 
really  delivered." 


everything  is  possible 


www.hp.com/go/demandmore 


invent 


©2003  Hewlett-Packard  Development  Company,  L.R  Amazon.com'*'  is  a  registered  trademark  of  Amazon  com,  Inc. 


Charlie  Bell  VP  Te 


Confessions  of  the  World's  Most  Demanding  CIOs. 


"Managing  growth  and  more  growth  is  critical  for  Amazon.com. 
WeVe  partnered  with  thousands  of  new  global  merchants,  so  we  needed 
a  seamless,  sure-fire  way  to  work  with  all  of  them. 

"HP  came  in  with  an  open  agenda,  partnering  with  our  own  engineers 
to  migrate  to  a  totally  standards-based  system. 

"We  were  able  to  support  our  ever-increasing  retail  partners;  and  HP 
made  sure  our  system  could  handle  the  heavy  loads,  especially  during 
the  holidays.  All  this,  while  we  also  cut  our  IT  costs  and  lowered  prices 
for  our  customers. 

"Our  IT  has  to  deliver  thousands  of  novels,  DVDs  and  flat-front  khakis 
every  second.  And  every  day  our  expectations  — and  our  customers' 
expectations  — keep  getting  higher.  How  high  is  the  moon?" 


=  everything  is  possible 


www.hp.com/go/demandmore 


invent 


Michael Schrage  I  MakingITWork 


It’s  All  About  the  Execution 


Big  Brother 

IT  systems  are  too  often  used  to  monitor  and  punish 

rather  than  recognize  and  reward 


A  RECENT  MAINSTREAM  business  publication  had  a  nifty  piece 
about  how  cost-conscious  companies  now  aggressively  use 
computerized  travel  booking  services  to  make  sure  their  road 
warriors  fly  coach  and  don’t  surreptitiously  upgrade  their 
budget  hotel  rooms  from  double  beds  to  suites.  One  proud 
CIO  boasts  that  his  travel  and  expense  auditing  software  saves 
his  professional  services  company  bundles.  Hurrah. 

This  bean  counter’s  bonanza  ties  in  quite  neatly  with  yet 
another  powerful  IT  trend  in  the  “surveillance  economy”  that 
CIOs  now  oversee;  the  use  of  expert  systems  and  scoring  algo¬ 
rithms  to  scan  expense  reports  for  all  those  hidden  vicuna  coats, 
covert  bottles  of  Veuve  Clicquot  champagne  and  Vegas-based 
blackjack  bets.  With  more  and  more  corporate  transactions 
going  network,  a  company’s  ability  to  cheaply  and  thoroughly 
audit  itself  leaps  by  orders  of  magnitude.  As  team  players,  CIOs 
are  ready,  willing  and  able  to  work  with  internal  auditors  to 
craft  “exceptions  spotting”  software  and  collaborate  with  those 
department  heads  looking  for  easy  ways  to  flag  inappropriate 
or  wasteful  financial  behavior.  The  sheer  lethargic  lousiness  of 
the  economy  makes  CIOs  compelling  partners  for  any  and  all 


executives  who  declare  themselves  cost  conscious. 

Nothing  wrong  with  that.  Organizations  are  absolutely  enti¬ 
tled  to  manage  their  expenses  as  they  see  fit.  They’re  even  free 
to  assume  their  employees  are  all  thieves  until  proven  other¬ 
wise.  If  verification  is  more  cost-effective  than  trust,  then  go 
where  you  get  the  most  bang  for  your  buck.  That’s  the  Amer¬ 
ican  way,  no? 

Those  bottom-line  behaviors  aren’t  irrational.  I’m  even  com¬ 
fortable  with  the  assertion  that  real-time  cash  management 
surveillance  is  essential  to  running  a  business  well.  But  what’s 
so  appalling  about  this  proliferation  of  auditing  apps  is  that 
they’re  all  about  sticks.  Sure,  we  can  craft  networks  that  can 
catch  embezzlers,  moochers  and  travel  policy  violators  but 
what  about  apps  that  are  as  much  designed  to  reward  as  to 
punish?  Where  are  the  carrots? 

This  is  not  a  plea  for  corporate  compassion.  Rather,  it  is 


3  8  CIO  JUNE  15,  2003 


www.cio.com 


ILLUSTRATION  BY  BOB  DALY 


SUPER  ROASTS 


VALUE  ROASTS 


DLT 
VS  80 


Vrtape  ‘eo''"»'»«\:S  voa  a"^  .orV°u.  o-anoe^^'N  tree  ^ 

DLTtape  technology  that  s 


NO  PURCHASE  NECESSARY.  Go  to  (littape.com  for  official  lules.  Sweepstakes  ends  7/1/03.  Open  to  residents  of  the  United  States  and  Canada  who  are  18  or  older  and  employed  as  an  fS/IT  ,i)rofes,sional.  Void  in  Quebec. 

©2003  Quaiitiim  Corporation.  All  rights  reserved  OPTIONS  ARE  A  BEAUTIFUL  THING.  DLTtape,  Super  DLTtape  and  Value  DLTtape  are  trademarks  and  the  DLTtape  logo  is  a  registered  liademarS  of  Quantuiri  Corporation. 

All  other  trademarks  are  the  property  of  their  respective  owners. 


Michael  Schrage  I  Making  IT  Work 


a  request  for  CIOs  and  their  colleagues  to  recognize  reality 
instead  of  treating  it  like  a  marginal  nuisance.  There’s  an 
undeniable  logic  in  the  idea  that  we  should  turn  intranets 
into  dragnets.  And  yes,  we  are  fools  to  ignore  the  value  of 
networks  as  tools  to  enhance  and  ensure  compliance  in  the 
corporation. 

However,  we  are  both  fools  and  knaves  if  we  invest  the 
bulk  of  our  ingenuity  figuring  out  better  ways  to  pound  nails 
into  our  sticks  at  the  cost  of  figuring  out  creative  ways  to  plant 
carrots.  We  betray  our  understanding  and  respect  for  human 


We  betray  our  understanding  and  respect  for  human 
nature  by  not  coming  up  with  as  many  ways  to  reward 
our  employees  as  we  do  ways  to  trap  them. 


changes  have  been  designed  and  implemented  in  concert  with 
IT.  The  CIO  is  being  a  team  player.  He  can  prove  his  IT  peo¬ 
ple  are  boosting  the  company’s  cash  flow.  Hurrah. 

Yes,  the  company’s  employees  are  sullen.  But,  hey,  at  least 
they’ve  got  jobs.  Then  again,  their  desire  to  collaborate  with  IT 
on  various  projects  has  declined.  The  CIO  is  seen  more  as  the 
CFO’s  enforcer  rather  than  someone  who  invests  in  improving 
workplace  productivity.  That’s  not  good. 

If  CIOs  truly  care  about  the  ongoing  challenges  of  imple¬ 
menting  positive  change  in  their  organizations — as  opposed  to 

merely  empowering  the  legion  of  cost- 
cutters — ^they  had  better  be  seen  as  doing 
far  more  than  implementing  technical 
tattletales.  Portfolio  management  means 
striking  a  balance  between  using  net¬ 
works  to  tighten  financial  control  and 
using  them  to  expand  productive 


nature  by  not  coming  up  with  as  many  ways  to  reward  our 
people  for  clever  use  of  the  networks  as  we  do  ways  to  trap 
them.  I  think  CIOs  are  guilty  of  taking  the  path  of  least  resist¬ 
ance  here.  They  leap  to  pluck  the  low-hanging  fruit  while 
ignoring  equally  inexpensive  opportunities  to  make  employees 
feel  empowered  and  productive. 

That’s  awful.  I  personally  know  one  midsize  company  phas¬ 
ing  in  an  audits  package  for  its  salespeople  even  as  it  has 
deferred  development  of  its  “benefits  notification”  website  and 
e-mail  service.  What  kind  of  message  do  you  think  that  sends? 
The  company’s  CIO  tells  me  that  he’s  merely  reflecting  the 
CEO’s  priorities.  That’s  hardly  a  profile  in  courage.  I  think  it’s 
a  betrayal  of  trust.  Where’s  the  balance?  It  would  be  one  thing 
if  a  benefits  site  cost  a  fortune  to  implement  and  maintain.  It 
doesn’t.  Even  the  appearance  of  balance  is  sacrificed.  That’s  a 
false  economy. 

One  Fortune  500  organization  uses  its  network  to  deliber¬ 
ately  make  it  more  time-consuming  for  its  employees  to  fill 
out  the  e-forms  necessary  to  get  reimbursed.  What  once  took 

15  or  20  minutes  online  now 
takes  a  minimum  of  a  half 
hour  plus  a  manager’s  digital 
signature.  Here’s  the  kicker: 
Reimbursements  over  a  cer¬ 
tain  amount  now  take  30  days 
instead  of  14.  If  a  depart¬ 
ment’s  expenses  exceed  an 
undisclosed  limit,  accounting 
has  been  instructed  to  post¬ 
pone  a  portion  of  the  payables 
to  the  next  cycle.  All  those 


cio.com  Michael  Schrage 

thinks  that  CIOs  are  too  often  guilty 
of  taking  the  path  of  least  resistance 
when  it  comes  to  using  software  to 
punish  employees  instead  of 
motivating  them.  What  do  you  think? 
Have  you  used  auditing  technology 
as  a  carrot  or  as  a  stick?  Go  to  the 
ADD  A  COMMENT  box  on  the  online 
version  of  "Making  IT  Work."  Find  the 
link  at  www.cio.com. 


employee  opportunities. 

So  just  where  are  those  CIOs  who 
publicly  reward  the  best  and  fastest  response  to  an  enter¬ 
prisewide  e-mail  cry  for  IT  help  and  customer  support?  Which 
companies  pay  a  bonus  to  the  employee  whose  PowerPoint 
presentation  is  downloaded  and  used  the  most?  Which  intrapre¬ 
neurs  get  rewarded  for  citing  the  works  of  others  online?  Which 
organizations  are  creating  internal  economies  where  knowl¬ 
edge  sharing  and  personal  introductions  via  e-mail  get  com¬ 
pensated  in  cold  hard  computational  cash  or  credit?  Are  CIOs 
challenging  their  CEOs  and  CFOs  to  be  a  smidgen  more  cre¬ 
ative  about  the  value  of  their  intranets? 

Those  aren’t  rhetorical  questions.  They  reflect  a  corporate 
sensibility  that  is  being  sacrificed  by  too  many  executives  in 
their  rush  to  bring  Orwell’s  1 984  into  2004.  They  want  value- 
added  sticks.  Shame  on  them.  They’re  mismanaging  their  IT 
portfolios.  They’re  undermining  the  alliances  that  will  make 
future  implementations  go  more  smoothly  rather  than  face 
resistance. 

Our  intranets — our  ERPs  and  supply  chains — are  way 
overinvested  in  surveillance  and  punishment,  and  woefully 
underinvested  in  incentives  and  rewards.  That  asymmetry  will 
ultimately  cost  more  money  than  it  can  ever  save  if  we  don’t 
respect  the  reality  that  human  beings  need  networks  that  pro¬ 
vide  both.  Organizations  that  don’t  consciously  seek  to  build 
a  better  balance  are  managed  by  “leaders”  who  will  richly 
deserve  the  contempt  they  inspire.  Don’t  be  one  of  them. 
Don’t  let  your  CEO  or  CFO  become  one  of 
them  either.  QEl 

Michael  Schrage  is  codirector  of  the  MIT  Media  Lab’s 
eMarkets  Initiative.  He  can  be  reached  at  schrage@ 
medla.mlt.edu. 


4  0 


CIO  JUNE  15.  2003 


www.cio.com 


PHOTO  BY  JOHN  SOARES 


Jack  Keen  I  Real  Value 

Practical  Counsel  for  Capturing  IT  Value 


ROI’s  Secret 
Ingredient 


Numbers  aren’t  everything.  Don’t  underestimate 
the  importance  of  weaving  a  good  story 
into  your  business  case. 


GOOD  BUSINESS  CASES  are  calculated  based  on  numbers,  but  they 
are  approved  based  on  stories.  My  favorite  example  is  the  busi¬ 
ness  case  created  for  a  notoriously  penny-pinching  founder  and 
chairman  of  a  billion-dollar  services  company.  All  the  numbers 
shouted  savings.  But  what  sold  the  aging  chairman  was  the 
CFO’s  pitch  that  spending  money  on  better  human  resources 
systems  would  return  his  faltering  firm  to  its  former  glory. 

ROI  numbers,  no  matter  how  compelling,  won’t  speak  for 
themselves.  It’s  up  to  you  to  explain  what  they  mean  to  enter¬ 
prise  visions  and  goals.  Sure,  the  new  inventory  system  will 
provide  a  110  percent  ROI  by  helping  to  control  warehouse 
costs  and  boost  production  efficiency.  But  what  the  CEO  really 
wants  to  hear  is  that  it  will  make  the  company  a  more  irre¬ 
sistible  supplier  to  key  accounts. 

Clever  storytelling  is  one  of  the  quickest  and  most  effective 
ways  to  gain  executive  understanding,  buy-in  and  funding.  It 
also  helps  attract  support  and  cooperation  from  reluctant  users 
during  project  implementation  and  operation.  Vivid  stories 
translate  dry,  abstract  numbers  into  compelling  pictures  of  how 
deep  yearnings  of  decision  influencers  can  come  true.  Creat¬ 


ing  effective  stories  is  not  hard,  provided  we  clearly  understand 
who  these  decision  influencers  are,  know  well  what  they  most 
care  about  and  understand  where  to  place  stories  for  the  most 
impact.  I’ve  outlined  below  some  tips  for  doing  just  that. 

Three  Principles  of  Storytelling  Success 

1.  Know  your  audience.  Decision  influencers  are  humans  first 
and  businesspeople  second.  Like  you  and  me,  they  care  about 
personal  success,  have  egos,  ambitions,  anxieties  and  fears.  You 
may  well  know  your  CEO  and  CFO,  but  how  well  do  you 
understand  the  concerns  of  the  heads  of  marketing,  manufac¬ 
turing  or  customer  service?  Only  when  we  truly  understand 
all  of  our  stakeholders  can  we  be  assured  that  stories  we 
develop  are  ones  they  will  relate  to  when  it  comes  time  for 
making  the  business  case.  When  investigating  whose  hearts  to 


4  2  CIO  JUNE  15,  2003 


www.cio.com 


ILLUSTRATION  BY  MARTIN  O'NEILL 


'  Trust  the  coloi 

ing  in  the  Pentagon 


OKI’s  Full  Line  of  Color  Printers— Built  for  All  Your  Business  Demands. 


Trust  Earned  One  Success  at  a  Time. 

The  Pentagon  needs  color  printers  to  provide  thousands  of  full-color 
documents  they  demand  for  top  performance.  They  rely  on  OKI  color 
printers  because  OKI  has  been  making  award-winning  printers  for  30 
years.  With  a  new  full  line  of  color  printers  featuring  OKI’s  Single 
Pass  Color™  technology,  OKI  can  supply  your  business  with 
thousands  of  essential  color  documents. 


■n-ust  OKI’s  Proven  Customer  Satisfaction. 

Successful  professionals  like  you  continue  to  count  on  the 
award-winning  leader  in  color  printers  for: 

•  Web  site  and  live  customer  service,  24/7. 

•  High  “try  and  buy”  rating— 7  out  of  every  10  businesses  who  try 
an  OKI,  buy  OKI  color  printers. 


Use  OKI  color  printers  to  print  high-quality  color  reports, 
presentations  and  more  with  industry-leading  performance  and 
increased  cost-efficiency.  Features  include: 

•  High-speed  output  up  to  30  ppm  color,  37  ppm  mono— 1st  color 
page  out  in  1 1 .5  seconds’. 

•  Low  total  cost  of  ownership^:  up  to  35%  lower  than  competitive 
color  laser  printers. 

•  Clear,  crisp  color  images  up  to  1200  x  1200  dpi. 


[Best 

[BUY 

C7300n 
April  2003 


PC  WORLD 


Better  Buys 
for  Business 


C9300/C9500  C7300n 

January  2003  C9500clxn 
April  2003 


For  more  information,  call 
1-866-OKI-COLOR,  or  visit 
www.okidata.com/business 


O  %  #  fit  O  miIh 


Designed  to  Perform  in  the  Most  Demanding  Environments 


OKI 


PROVEN. 


I 


Jack  Keen  I  Real  Value 


Tips  for  Developing 
Compelling  ROI  Stories 


Build  stories  around  compelling  subjects.  Universally  power¬ 
ful  subjects  include:  achieving  rewards,  avoiding  major 
losses,  gaining  respect,  strengthening  security,  reducing  risk. 

Use  a  story  to  translate  the  main  investment  payoffs  into 
favorite  senior  exec  initiatives.  If  your  business  case  argues 
for  expanded  Web  services  for  improving  customer  support 
and  your  CEO  is  adamant  about  increasing  profits,  make 
your  story  about  how  happier  customers  can  also  reduce 
sales,  marketing  and  support  costs. 

Use  familiar  situations.  For  instance,  good  ROI  stories  for  a  for¬ 
est  products  company  likely  involve  forests,  logs  and  lumber. 

Use  vivid  language.  If  promoting  competitive  advantage, 
consider  words  like  conquer,  crush  ortriumph.  If  urgency  is 
the  driver,  speak  of  pressure,  speed,  stress  or  vitality. 

Keep  it  truthful.  Make  sure  any  facts  or  quotes  you  use  are 
accurate.  If  describing  future  situations,  make  it  clear  that 
they  are  projections. 

Be  succinct.  Stories  command  attention  only  when  they 
quickly  make  their  point.  Try  to  keep  individual  stories  to 
fewer  than  100  words. 


Stay  alert  for  story  ideas.  Hang  out  at  physical  and  virtual 
water  coolers  where  stories  get  told.  Interview  influential 
clients  and  important  suppliers.  Store  up  stories  for  later  use. 

Study  good  storytelling  in  action.  Keep  your  ears  tuned  for 
natural  storytellers  in  your  company.  Salespeople,  marketers 
and  public  relations  people  often  fit  this  mold. 


touch  and  how,  you  should  find  out  the  names,  ranks  and  serial 
numbers  of  these  decision  influencers,  as  well  as  what  they  are 
feeling  and  what  drives  their  actions.  JMany  such  insights  are 
often  easily  available  via  personal  or  published  interviews, 
annual  reports  and  industry  analyst  critiques.  Another  source 
of  input:  Get  to  know  the  people  who  know  them. 

2.  Hide  the  technical  details.  Instead,  focus  ROI  stories  on  why 
an  investment  choice  is  good.  That’s  where  the  excitement  and 
emotion  lie.  Leave  the  how  side  of  the  equation  to  other  parts  of 


the  business  case.  For  example,  the  real  story  of  a  CRM  business 
case  could  come  down  to  the  increased  chance  of  the  company 
winning  a  coveted  industry  award  related  to  growth  in  both  sales 
and  client  satisfaction.  Even  though  this  major  opportunity  may 
be  entirely  dependent  on  usage  of  a  SuperGizmo  Relational  data¬ 
base  within  the  CRM  system,  that  faa  is  not  allowed  to  dilute  the 
impact  of  the  story  about  industry  award-winning  opportunities. 

3.  Develop  a  compelling  story  to  sell  your  message.  The  best 
ROI  stories  vividly  convey  the  main  theme  of  the  business  case 
in  a  memorable  way.  For  example,  in  a  business  case  for  justi¬ 
fying  a  global,  intranet-based  product  design  knowledge  base, 
the  story  used  in  the  executive  summary  was  simply  a  quote 
from  the  CEO  of  a  key  client:  “I  prefer  doing  business  with  you, 
but  I  won’t  accept  late,  second-rate  product  designs.  Get  me  bet¬ 
ter,  new  products  faster  and  we’ll  double  our  business  with 
you.”  For  decision-makers  accustomed  to  jumping  whenever 
this  crucial  buyer  had  something  to  say,  the  whole  business 
case  boiled  down  to  this  vivid,  emotional  human  message.  The 
executives  got  the  picture,  and  the  funding  was  approved. 

By  the  way,  stories  don’t  have  to  be  written  to  be  effective. 
One  business  case  creator  used  a  simple  prop  during  an  after- 
dinner  speech  to  get  approval  for  the  biggest  database  project 
his  $20  million  consultancy  ever  launched.  His  plea  for  project 
approval  included  a  mock-up  of  a  future,  fictitious  Fortune 
magazine  cover  highlighting  the  grinning  faces  of  the  execu¬ 
tive  decision-makers.  This  database  investment,  he  exclaimed, 
had  such  power  for  the  company  that  it  would  be  the  spring¬ 
board  for  global  success.  Suddenly  thrusting  the  magazine 
mock-up  above  his  head,  he  proclaimed,  “Look  at  this  future 
Fortune  magazine  cover  story:  ‘Visionary  Execs  Hit  Global 
Home  Run.’”  While  everyone  laughed  at  this  obvious  appeal  to 
pride  and  ego,  the  funding  was  approved.  Years  later,  long  after 
the  details  of  the  ROI  analysis  had  faded  away,  the  pretend 
Fortune  cover  was  still  fondly  recalled. 

All  of  us  have  deep  desires  and  concerns  that  drive  our 
behavior.  Good  ROI  stories  know  this  and  speak  accordingly. 
For  more  eye-opening  examples  of  business  storytelling,  check 
out  the  website  for  a  conference  called  “Storytelling:  Passport 
to  the  21st  Century”  {www.creatingthe21stcentury.org). 

And  for  some  storytelling  tips  I’ve  found  helpful,  see,  “Tips 
for  Developing  Compelling  ROI  Stories,”  this  page.  Good  sto¬ 
rytelling  speeds  understanding,  retention  and  buy-in.  That’s  a 
great  payoff  from  just  a  few  little  words.  QEl 


Jack  Keen  is  founder  and  president  of  The  Deciding 
Factor  (www.decidingfactor.com)  and  coauthor  of 
Making  Technology  Investments  Profitable:  ROI  Road 
Map  to  Better  Business  Cases.  He  can  be  reached  at 
jack_keen@compuserve.com. 


4  4  CIO  JUNE  15,  2003 


www.cio.com 


WE'RE  NOT  HERE  TO  TELL  YOU 
THAT  ANTI-VIRUS  AND 
FIREWALLS  AREN'T  ENOUGH. 

THAT'S  WHAT  WORMS  ARE  FOR. 


m. 


Dynamic  Threat  Protection.  The  most  complete  protection  available. 

Most  large-scale  Internet  attacks  completely  bypass  firewalls  and  anti-virus.  We  stop  these 
threats  cold.  How?  Simple.  We  are  #1  in  the  world  for  security  intelligence  and  threat  protection 
technology.  We  deliver  the  fastest,  most  accurate  detection,  prevention  and  response  solution. 
We  call  it  Dynamic  Threat  Protection.  Visit  us  at  www.iss.net/iss-cio  or  call  800-776-2362. 


INTERNET 

Security 


Systems 


PRESENTS 


Michele  Hudnall  is  recognized  as  an  authority  in  the 
business  of  IT  operations,  enterprise  service  man¬ 
agement,  management  technologies  and  sourcing. 
Michele  is  ITIL-certified  and  holds  a  BBA  in  business 
management  from  James  Madison  University. 


ask 

™"EXPERT 

A  few  minutes  with  Micheie  Hudnall, 

Senior  Research  Analyst, 

Meta  Group 


Service  Desk  Outsourcing 


>  What  are  the  typical  services  delivered 
through  a  "Service  Desk?"  How  is  it 
different  from  a  Help  Desk? 

I  consider  a  Help  Desk  more  of  a  dispatch  center  where 
employees  take  calls  reactively  as  problems  occur.  They  may 
have  some  limited  capabilities  to  resolve  problems,  but  Help 
Desk  staff  are  generally  limited  to  taking  calls  about  some 
IT-related  error  and  passing  the  information  forward.  In 
contrast,  a  full  Service  Desk  receives  calls  from  multiple 
methods  (voice,  electronic/web)  and  takes  calls  on  a  variety 
of  things,  such  as  telecom  and  service  requests  that  go 
beyond  the  standard  "how  to"  support,  as  well  as  IT-related 
problems.  Service  Desk  staff  are  also  more  skilled  and  more 
empowered  at  problem  resolutions,  so  they  can  handle 
things  on  the  first  call  more  frequently. 

>  What  are  enterprises  really  looking  for  by 
outsourcing  their  Service  Desk — cost  saving 
or  increased  quality  of  service?  Are  their 
expectations  typically  met? 

There  are  two  facets  here.  The  folks  looking  for  only  cost 
savings  are  generally  outsourcing  a  Help  Desk,  not  a  Service 
Desk.  Ironically,  such  companies  don’t  usually  realize  the 
hard  cost  savings  they  want  because  they  fail  to  manage  the 
transition  and  monitor  the  outsourcer  to  make  sure  that 
costs  remain  flat  or  decline. 

Conversely,  companies  that  treat  their  Service  Desks 
more  strategically  are  interested  in  outsourcing  as  a  method 
of  tapping  into  the  best  practices  of  folks  who  do  this  for  a 
living.  They’re  interested  in  the  soft  savings  to  be  realized  by 
outsourcing  like  looking  at  the  types  of  requests  that  are 
being  made  in  order  to  prevent  or  eliminate  such  calls  in  the 
future,  thus  increasing  productivity. 

>  What  factors  must  be  considered  when 
comparing  insourcing  versus  outsourcing 
Service  Desk  functions? 

For  companies  considering  outsourcing  a  Service  Desk,  it’s 
critical  that  they  benchmark  their  current  level  of  service — 
as  well  as  current  costs — before  they  start  an  engagement. 
Otherwise,  there’s  nothing  to  compare  the  outsourcer’s 
service  with.  Other  things  to  consider:  The  outsourcer’s 
breadth  of  service  offering,  geographical  coverage  and 
experience  level  at  delivering  consistent,  defined  processes. 


>  When  evaluating  sourcing  options,  what  are 
the  key  areas  of  tangible  and  intangible 
costs  that  must  be  considered? 

Generally,  the  key  indicator  to  consider  is  cost  per  call, 
because  it  encompasses  a  variety  of  costs,  both  tangible  and 
intangible.  By  watching  how  costs  per  call  trend  over  time 
and  comparing  them  with  Service  Desk  hiring  patterns  as 
well  as  desk  activity,  companies  can  draw  a  number  of  con¬ 
clusions.  For  example,  the  biggest  cost  for  any  Help  or  Ser¬ 
vice  Desk  is  people,  and  the  challenge  is  to  provide  consis¬ 
tent  services  while  keeping  that  cost  flat.  Consequently, 
many  companies  introduce  automated  technologies  for 
routine  services  that  increase  efficiencies.  This  should  be 
reflected  in  a  lower  cost  per  call. 

“The  Service  Desk  is  help¬ 
ing  the  CIO  make  better 
choices.” 

>  Service  Desk  is  often  viewed  as  a  commod¬ 
ity  service  by  the  lines  of  business  in  an 
enterprise.  Is  the  Service  Desk  actually 
strategic? 

If  a  company’s  Service  Desk  is  really  a  Help  Desk,  the  per¬ 
ception  is  correct,  but  there  are  strategic  uses  of  Service 
Desks  as  well.  For  example,  if  you  take  the  wealth  of  data 
generated  by  a  Service  Desk  and  use  it  as  a  tool  to  better 
manage  the  IT  organization  and  infrastructure,  that’s 
strategic.  For  example,  a  company  who  learns  from  their 
service  desk  data  that  operating  problems  occur  as  a  result 
of  an  existing  process,  can  benefit  from  learning  what  in  that 
process  should  be  re-engineered  in  that  process  to  eliminate 
those  concerns.  The  Service  Desk  is  helping  the  CIO  make 
better  choices.  It’s  strategic  when  you  can  take  the  data  and 
use  it  to  better  manage  the  human  resources  in  IT  as  well. 


For  more  information,  please  call  800-874-8647  x385 
or  visit  www.unisys.com/networkservices 

UNISYS 

Imagine  it.  Done. 


* 


How  secure  is  secure? 

«  ^ 

•We  help  uncover  the  cyber 
risks  so  AIG  can  provide 
more  cyber  insurance 
than  anyone  else. 


^'5 


Systems  Integration. 


r 

Infrastructure. _ 

Server  Technology. 
Consulting. 


Imagine  it: 


Underwriting  cyber  risks  -  from  viruses  to  cyber¬ 
extortion.  How  do  you  provide  insurance  for  these 
new  and  devastating  threats?  You  understand  them 
first  -  and  work  with  a  partner  who  could  uncover  a 
broad  range  of  security  and  technology  gaps. 


Done: 

AIG’s  eBusiness  Risk  Solutions  Group  partnered 
with  Unisys  and  leapt  together  into  cyber  protection. 
Today,  AIG  eBRS  provides  most  of  the  world’s 
network  security  and  cyber  insurance.  And  Unisys 
integrates  planning  and  protection  for  a  broad 
range  of  needs  like  privacy.  Identity.  Collaboration. 
Business  Continuity.  Infrastructure.  Our  holistic 
approach  is  one  reason  why  Unisys  has  been 
awarded  IT  security  integration  for  U.S.  airports. 

Can  we  help  you  identify  security  gaps?  Call  us. 


Security  with  precision  thinking  and  relentless 
execution  to  drive  your  vision  forward. 


Imagine  it.  Done. 

www.unisys.com/security  800.874.8647  x372 

Insurance  underwritten  by  member  companies  of  American 
International  Group.  Inc.  (AIG}.  ©  2003  Unisys  Corporation. 

Unisys  is  a  registered  trademark  of  Unisys  Corporation. 


«  m 


Sue  Unger,  CIO  of  DaimlerChrysler, 
is  working  hard  to  show  that  the 
Crossfire  (above)  is  not  the  only  thing 
of  value  to  emerge  from  the  two 
companies’  1998  marriage. 


PHOTOGRAPHY  BY  JIM  FRENAK 


Cover  Story  |  CIO  of  DaimlerChrysler 


DRIVING 


Sue  Unger  defied  the  odds  to  become  the  CIO  of 
an  automotive  giant  despite  her  gender  and  status 
as  a  technology  outsider.  Here’s  how  she  did  it. 

BY  CHRISTOPHER  KOCH 


SUE  UNGER  did  not  have  much  respect  for  IT  when  she  was  a  finance  execu¬ 
tive.  Reactive,  insular,  tactical  and  unmotivated  are  just  some  of  the  more  print¬ 
able  adjectives  she  used  to  criticize  IT  in  those  days. 

Yet  now  the  54-year-old  former  bean  counter  presides  over  one  of  the  world’s  largest  IT 
groups  at  one  of  the  world’s  largest  companies,  $157  billion  DaimlerChrysler.  She  has 
survived  two  waves  of  management  purges  since  Germany’s  Daimler-Benz  purchased 
Chrysler  in  1998 — purges  that  saw  the  only  other  two  female  senior  vice  presidents 

there  leave  the  company.  Indeed,  Unger  has  gained 
power  since  the  merger  in  a  company  that  has 
swept  away  Americans  at  its  uppermost  levels  and 
replaced  them  with  Germans.  She  is  the  rare 
American  who  rules  on  both  sides  of  the  Atlantic. 
But  she  speaks  no  German,  has  always  lived  in 
the  suburban  Detroit  town  where  she  grew  up  and 
has  worked  for  exactly  one  company  since  grad¬ 
uating  college  in  1972:  Chrysler.  Worldly  she  is 
not.  And  her  understanding  of  IT  remains  rooted 
in  the  conceptual  rather  than  the  technological. 


Reader  ROI 

►  How  a  former  bean  counter 
earned  the  respect  of  the  IT 
group  and  became  its  boss 

►  Why  many  consider  Sue  Unger 
to  be  a  walking  case  study  for 
leadership 

►  What  challenges  lie  ahead  for 
the  CIO  of  DaimlerChrysler 
and  her  company 


4  9 


www.cio.com  •  JUNE  15,  2003 


CIO 


Cover  Story  |  CIO  of  DaimlerChrysler 


This  is  atypical  to  say  the  least.  The  vast 
majority  of  CIOs  remain  techies  who  learn 
the  business  rather  than  businesspeople  who 
learn  technology.  CIO’s  “State  of  the  CIO 
2003”  survey  found,  for  example,  that  just 
14  percent  of  more  than  500  IT  leaders  had 
any  relevant  experience  in  finance  before 
becoming  CIO.  Other  core  business  func¬ 
tions,  like  manufacturing  and  sales,  had  even 
lower  percentages,  while  engineering  was 
slightly  better,  at  20  percent.  In  the  auto 
industry,  the  breakdown  is  no  different.  The 
last  businessman  to  be  CIO  at  a  Big  Three 


company.  Ford’s  Jim  Yost,  who  came  from 
finance  like  Unger,  lasted  just  a  year  before 
stepping  aside  for  a  techie.  It  should  come  as 
no  surprise  that  Unger  is  also  the  first  and 
only  woman  to  be  a  Big  Three  CIO. 

Unger’s  startling  success  makes  her  a  walk¬ 
ing  case  study  on  leadership  and  what  it  takes 
for  a  woman  and  a  technology  outsider  to 
become  the  boss  of  IT  in  one  of  the  most 
competitive,  macho  industries  in  the  world. 
How  has  she  defied  the  odds?  Several  ways: 
excellent  analytical  and  people  skills  honed 
by  her  ye^rs  in  finance,  and  a  determination 


to  learn  every  important  aspect  of  the  car 
business  by  taking  assignments  in  every  major 
area  of  Chrysler. 

“She  broke  a  lot  of  barriers  by  moving 
around  a  lot  and  not  being  afraid  to  take 
on  assignments  in  different  functional  areas 
of  the  company,”  says  Unger’s  mentor;  Gary 
Valade,  Chrysler’s  executive  vice  president 
of  global  procurement  and  supply.  “No  mat¬ 
ter  what  the  assignment  was,  she  was 
always  able  to  break  it  down  to  its  essential 
elements  and  deal  with  those,  and  not  get 
distracted  by  a  lot  of  peripheral  stuff.” 

But  for  Unger  and  her  company,  the 
biggest  challenges  may  lie  ahead.  Chrysler, 
perennially  third  behind  GM  and  Ford,  is 
continuing  to  lose  market  share  as  com¬ 
petitors  eat  away  at  the  categories  that 
Chrysler’s  innovative  designers  made  fa¬ 
mous,  such  as  the  minivan  and  SUV.  And 
Mercedes  and  Chrysler  finished  below  aver¬ 
age  on  J.D.  Power  and  Associates’  2003  ini¬ 
tial  quality  survey.  (In  2003  tests.  Consumer 
Reports’  readers  put  Mercedes’  reliability 
in  third  place  of  worst-of-all  car  brands.) 
Analysts  question  whether  DaimlerChrys- 
ler’s  quest  to  shore  up  a  failing  Chrysler  has 
caused  its  chairman  of  the  board  of  man¬ 
agement,  Jurgen  Schrempp,  to  lose  sight  of 
what  made  his  German  gem  great. 

Indeed,  one  of  the  first  questions  a  Ger¬ 
man  journalist  asked  Schrempp  at  the  com¬ 
pany’s  annual  press  conference  last  fall  was 
whether  he  was  considering  selling  Chrysler. 
Schrempp  responded  with  a  stem  “No!”  but 
the  question — and  larger  issue  of  the  mer¬ 
ger’s  success — lingers  on. 

Driver’s  Ed 

nger  comes  from  the  second  most 
powerful  constituency  in  the  car 
business:  the  money  guys  (and  at 
W  the  highest  levels,  they  are  still 
nearly  all  guys).  The  car  guys  (usually  engi¬ 
neers)  are  the  most  powerful  group,  and  they 
usually  get  the  CEO  jobs,  but  when  you  veer 
off  the  road  into  a  financial  ditch  as  often  as 
the  auto  industry  does,  the  money  guys  are 
as  powerful  as  bean  counters  get.  Finance  in 
the  auto  industry  has  a  breadth  and  depth 


DAIMLERCHRYSLER 


The  Dossier 

Age:  54 

Birthplace:  Grosse  Point,  Mich.,  a  suburb  of  Detroit 

Family:  Husband  Tim,  a  retired  advertising  executive  who  handled  the  Chrysler 
account;  a  daughter,  Lisa,  23,  a  business  consultant;  and  a  son,  Michael,  15 
Education:  BA,  Michigan  State  University  (economics);  MBA,  Wayne  State 
University  (finance) 

First  leadership  challenge:  While  sailing  with  her  family  in  Saginaw  Bay  when  she 
was  18,  a  sudden  squall  sent  5-foot  waves  crashing  against  the  small  boat.  The  only 
ones  not  seasick  were  Unger  and  her  father,  who  told  Unger  to  steer  the  ship 
through  the  storm  while  he  kept  an  eye  on  the  family.  She  got  the  ship  back  to  port 
unscathed.  "That  was  a  big  storm,”  recalls  Unger.  "There  were  boats  our  size  that 
sank  that  day." 

Biggest  ROI  technology  project  at  DaimlerChrysler:  The  “digital  factory,"  which 
applies  the  same  virtual  online  concepts  used  to  design  cars  to  the  design  of  new 
and  repurposed  factories  and  manufacturing  processes.  Designers  can  build 
virtual  assembly  lines  and  see  if  they  fit  into  digitized  versions  of  old  and  new 
Mercedes  and  Chrysler  assembly  plants.  Digital  humans  twist  and  turn  to  perform 
their  assembly  line  duties  while  the  software  evaluates  their  productivity  and 
stress— the  way  Unger  used  to  do  with  a  clipboard  at  the  Jefferson  North  Assembly 
Plant.  “This  is  going  to  save  us  billions,”  Unger  enthuses.  "It’s  about  putting  the 
end-to-end  process  of  building  a  car  online."  Some  pieces  of  the  process,  such  as 
assembly  planning  and  factory  simulation,  are  already  online.  The  system  will  be 
finished  in  2005.  -C.K. 


Pi 


50  CIO  JUNE  15,  2003  •  www.cio.com 


Cover  Story  |  CIO  of  DaimlerChrysler 


SUE  UNGER’S 

HI 

beven  burv  va 

ps 

1 

Learn  more  about  the  business  than  anyone  else. 


7,  Make  sure  the  IT  staff  reports  to  you— no  dotted  lines  here. 


2,  Get  yourself  a  mentor— the  higher  up  the  better. 


3,  Don’t  let  the  old  boy  network  get  you  down. 


4  a  Don’t  pretend  to  know  more  about  technology  than  your  techies. 


5  a  Make  sure  your  staff  learns  more  about  the  business  than  anyone  else. 


0,  Develop  a  reputation  for  integrity— you  call  ’em  like  you  see  ’em. 


that  few  other  industries  can  match.  For 
decades,  Chrysler’s  promising  finance  peo¬ 
ple  have  been  rotated  through  different  areas 
of  the  company  at  roughly  two-year  inter¬ 
vals,  creating  executives  who  understand 
every  facet  of  the  business. 

Unger  served  in  several  functional  areas, 
from  sales  and  marketing  to  engineering  to 
warranty,  before  assuming  her  IT  role.  But 
adaptability  was  a  strength  long  before  she 
ever  came  to  Chrysler.  Growing  up,  she  had 
wanted  to  be  a  civil  engineer  like  her  father 
and  grandfather.  Her  parents  helped  build 
her  confidence  by  giving  her  lots  of  house¬ 
hold  responsibility  and  treating  her  the  same 
as  her  brother.  “My  father  expected  no 
more  or  less  of  me  because  I  was  a  girl,”  she 
says.  But  he  did  not  encourage  her  dream. 
“He  said  I  could  do  [engineering],  but  that  I 
wouldn’t  advance  very  far  and  I’d  be  treated 
badly,”  Unger  recalls.  “Women  did  one  of 
three  things  in  those  days.  They  became 
nurses,  teachers,  or  they  got  married.” 

In  her  first  college  computer  engineering 
course  in  1968,  Unger,  the  only  woman  out 
of  400,  was  repeatedly  humiliated  in  front  of 
the  class  by  her  male  professor.  The  experi¬ 
ence  drove  her  out  of  engineering  and  into 
the  business  school,  where  the  humiliation 
was  less  severe  and  she  was  still  the  only 
woman  in  most  of  her  classes. 

Her  sense  of  isolation  continued  at 
Chrysler,  where  she  was  one  of  three  women 
management  trainees  in  1972’s  crop  of  50. 
There  were  no  women  in  Chrysler’s  man¬ 
agement  at  the  time  either.  But  Unger  viewed 
the  challenge  at  Chrysler,  perhaps  a  bit 
naively,  as  a  game  she  could  win. 

The  game  quickly  got  serious.  After  a  few 
years  of  working  for  finance  in  the  sales  and 
marketing  function,  Unger  pushed  to  be 
assigned  to  the  Jefferson  North  Assembly 
Plant,  one  of  Chrysler’s  oldest,  in  downtown 
Detroit  in  1977.  Her  colleagues  in  finance 
thought  she  was  crazy  to  leave  the  padded 
carpet  of  headquarters  for  the  grease  and  oil 
of  the  assembly  plant.  But  Unger  wanted  to 
know  how  cars  were  built.  “I  thought  it  was 
important  to  learn  everything  about  the  auto 
industry,”  she  recalls. 


But  no  management  woman  had  ever  set 
foot  in  the  plant  (though  women  worked  on 
the  assembly  line),  and  the  plant  manager 
was  determined  to  keep  it  that  way. 

It  took  a  year  of  lobbying  before  Unger 
got  her  assignment.  Then,  she  got  stuck  in 
“body  in  white,”  the  section  of  the  plant 
where,  in  the  days  before  automated  assem¬ 
bly,  the  biggest,  toughest  guys  muscled  the 
raw,  unpainted  (hence  body  in  white)  panels 
of  sheet  metal  into  place  to  create  the  vehi¬ 
cle’s  skeleton.  Unger’s  job  was  to  monitor 
productivity  and  help  improve  the  assembly 
process  by  meeting  with  the  assembly  team 
and  discussing  better  ways  to  move  materi¬ 
als  to  the  line.  Ironically,  Unger  had  an  eas¬ 
ier  time  dealing  with  the  tough  guys  on  the 
line  than  the  managers  in  the  office. 

“It  wasn’t  discrimination  so  much  as  they 
were  very  worried  about  having  such  a  refined 
young  lady  in  such  a  macho  manufacturing 
environment,  and  what  if  someone  swore  at 
me — ^how  would  I  react?!”  she  says,  laughing 
at  the  memory.  In  fact,  Unger  didn’t  care 
about  the  swearing — it  was  the  men’s  phony, 
condescending  sensitivity  that  drove  her  crazy. 
“In  meetings,  they’d  say,  ‘I’m  sorry  to  do  this 
in  front  of  a  lady.  Sue,  but  expletive,  exple¬ 
tive,”’  she  laughs.  “I  finally  said,  ‘Look,  I’ve 
heard  all  this  before.  What’s  humiliating  is 
how  you  single  me  out  before  you  say  it!”’ 

The  people  down  on  the  line  didn’t  pull 


any  punches  with  her,  Unger  says.  “I  loved 
the  honesty,”  she  recalls.  “Nobody  was 
afraid  to  say  how  they  felt  about  things.  I 
just  thrive  in  an  environment  like  that.” 

Unger’s  higher-ups  in  finance  were 
admiring  the  same  traits  in  her — not  sim¬ 
ply  because  they’re  signs  of  good  character, 
but  because  they  serve  the  company’s 
goals.  “In  finance,  it’s  easy  to  become 
aligned  with  someone  that  you  like  or  who 
you  think  is  doing  good  work  or  has  got  a 
great  future,”  Valade  says.  “And  it’s  very 
easy  to  take  an  analysis — say  whether  to 
keep  a  manufacturing  plant  open  or 
closed — and  tailor  it  to  the  direction  you 
think  the  guys  or  gals  would  like  to  see  it 
come  out.  But  to  succeed  in  finance  you 
have  to  get  by  that.  You  have  to  say.  It’s 
my  job  to  put  down  the  facts  as  I  see  them 
fairly.  Not  all  finance  people  can  do  that. 
Sue  has  always  been  able  to  do  it.  You 
could  call  it  integrity.” 

Managers  at  Jefferson  North  had  a  hard 
time  noticing  Unger’s  integrity,  however. 
They  were  more  focused  on  her  sex.  The 
year  Unger  arrived  there,  the  managers 
decided  to  cancel  the  annual  management 
picnic  rather  than  invite  her.  Similar  road¬ 
blocks  would  follow,  but  Unger  approached 
them  with  humor  and  a  bit  of  cunning.  For 
instance,  when  Unger  came  to  procurement 
and  supply  in  1983,  a  Chrysler  manager, 


52  CIO  JUNE  15,  2003  •  wvjw.cio.com 


Tom  Martin,  badgered  Unger  to  manage  the 
group’s  softball  team,  knowing  she  had  no 
knowledge  of  or  interest  in  the  sport.  Unger 
agreed.  But  when  she  showed  up  at  the  first 
game  and  handed  out  the  team  uniforms, 
Martin  got  a  surprise.  The  uniforms  were 
bright  pink  and  white,  with  the  name  “Mar= 
tinets”  scrawled  across  the  front. 


A  New  Word 
for  IT:  Yes 


erhaps  the  toughest  assignment  for 
Unger  was  when  Lee  lacocca 
trumped  the  other  Big  Three  dur¬ 
ing  the  “warranty  wars”  of  the 
mid-1980s  by  upping  the  coverage  to  seven 
years  or  70,000  miles.  Unger  was  the  fi¬ 
nance  manager  who  had  to  figure  out 
whether  Chrysler  would  lose  what  was  left 
of  its  tattered  shirt  on  warranty  repairs.  This 
was  an  assignment  Unger  didn’t  choose  her- 


the  quality  problems  much  quicker.  Her 
naivete  about  technology  may  have  been  a 
blessing  in  disguise.  “IT  said  it  was  impossi¬ 
ble  to  put  this  much  information  in  a  data¬ 
base,  much  less  analyze  it,”  Unger  recalls. 
“So  I  got  a  PowerPoint  presentation  to¬ 
gether  and  said,  ‘This  is  what  I  want.’” 

She  was  asking  a  lot.  Not  only  did  the 
database  need  to  store  vast  quantities  of 
information,  but  Unger  herself  specced  out 
complex  statistical  analyses,  which  required 
vast  amounts  of  computing  power  to  gener¬ 
ate  comparative  quality  reports.  As  she 
recounts  the  story  in  her  big  corner  office  at 
Chrysler’s  headquarters,  her  annoyance  is 
still  fresh.  Her  foot  starts  to  jiggle  with 
nervous  energy. 

It’s  easy  to  imagine  that  foot  kicking  poor 
Paul  Hsu  out  of  her  office — ^three  times,  to 
be  exact.  Hsu  was  the  IT  messenger  assigned 
to  tell  Unger  that  her  database  could  not  be 
built.  “With  all  the  suppliers  out  there,  you 


IT’S  Ambassador 

nger  had  built  a  reputation  for  fix¬ 
ing  problem  financial  processes 
and  repairing  bad  relationships 
W  with  business  partners,  but  she  had 
never  fixed  those  problems  with  IT  before. 
She  thought  fixing  IT’s  image  might  be  her 
biggest  challenge  yet.  So  when  the  depart¬ 
ment’s  top  job  opened  up  in  1993,  she  applied 
for  and  got  it. 

When  Unger  arrived,  she  became  IT’s 
front  end,  its  CRM  system.  In  many  of  the 
areas  where  IT  built  systems — from  the 
shop  floor  to  the  showroom — Unger  had 
direct  managerial  experience,  process 
knowledge  and,  perhaps  most  important, 
contacts.  “You  can’t  underestimate  the 
advantage  of  knowing  people  in  the  vari¬ 
ous  organizations,”  says  Valade.  “So  if 
you’ve  worked  inside  the  Jefferson  plant, 
you  can  call  the  controller  and  supervisor 


■■J 


So  far,  Sue  Unger’s  only  global 
infrastructure  win  has  been  e-mail 
down  to  a  single  system  from  16. 


self.  Warranty  and  quality  were  chaotic 
backwaters.  Engineers  used  dollies  to  deliver 
the  stacks  of  paper  that  quality  analysts 
needed  to  pore  through  to  generate  their 
monthly  quality  reports.  “The  paper  was 
stacked  so  high  you  couldn’t  even  see  the 
analysts  at  their  desks,”  Unger  recalls. 

She  realized  then  that  she  had  stumbled 
on  a  function  that  could  really  benefit  from 
IT  Except  there  was  no  IT  to  depend  on. 

By  law,  Chrysler  has  to  keep  warranty 
and  quality  information  on  every  part  and 
every  vehicle  going  back  15  years.  But  get¬ 
ting  at  the  information  about  a  part  that 
failed  last  week  was  as  difficult  as  finding 
one  that  blew  up  10  years  ago.  Unger  real¬ 
ized  that  if  warranty  and  quality  data  went 
online,  the  engineers  would  be  able  to  fix 


can’t  tell  me  there  isn’t  someone  who  has 
tackled  this  problem,”  Unger  recalls  telling 
him.  “Go  figure  it  out.  That’s  what  I’m  pay¬ 
ing  you  guys  for.” 

After  IT  told  Hsu  to  tell  Unger  no  for  the 
fourth  time,  he  declined  the  assignment. 
Instead,  Hsu  called  IBM  and  pleaded  for 
help.  “And  that’s  when  they  told  him  about 
the  new  database  they  were  developing,” 
Unger  recalls. 

Eighteen  months  later,  they  had  the  data¬ 
base  installed.  Instead  of  a  handful  of  quality 
analysts  looking  at  mountains  of  paper,  the 
new  database  opened  the  information  up  to 
all  of  Chrysler’s  engineers,  as  well  as  those  at 
key  suppliers.  Quality  problems  were  re¬ 
solved  75  percent  faster,  according  to  Unger, 
with  an  overall  cost  reduction  of  25  percent. 


and  just  talk  to  them  because  you  know 
what  their  business  issues  are.  You’ve  been 
there.  You  realize  how  everything  fits 
together.  If  someone  calls  up  and  says  they 
need  something  in  24  hours,  you  know 
whether  they  really  need  it  in  24  hours.” 

IT  managers  were  in  awe  of  Unger’s 
access.  “They’d  say,  ‘You  mean  we’re  going 
to  meet  with  so-and-so?  We’ve  never  spo¬ 
ken  with  him  before,”’  she  laughs. 

What  Unger  did  not  have  was  a  solid 
grounding  in  technology.  For  any  nontech¬ 
nology  CIO,  this  gap  in  understanding  can 
create  a  gulf  of  resentment  with  the  techies 
in  the  group — especially  those  who  dream 
of  being  CIO  one  day.  Asserting  her  lead¬ 
ership  without  alienating  her  technology 
lieutenants  is  the  tightrope  Unger  has 


.do .com  •  JUNE  15,  2003  CIO  53 


Cover  Story  |  CIO  of  DaimlerChrysler 


walked  since  taking  over  IT  at  Chrysler. 
She  maintains  her  balance  by  meeting  the 
techies  halfway.  They  provide  her  with 
advice  and  manage  direct  relationships 
with  their  business  customers  while  she 
focuses  on  overseeing  the  overall  strategy, 
maintaining  relations  with  top  manage¬ 
ment  and  building  metrics  for  managing 
the  overall  IT  group. 

“Her  finance  background  gives  her  the 
ability  to  see  technology  from  a  business 
payback  view,  which  is  absolutely  necessary 
not  only  for  her  success  but  our  success  as  a 
company,”  says  one  of  her  lieutenants,  CTO 
Vince  Morrotti.  She  is  also  famously  impa¬ 
tient  with  the  progress  of  projects.  “It  can  be 
a  challenge  for  her  staff,  but  it  allows  them 
to  accomplish  more  than  they  may  have 
thought  was  possible,”  he  says. 

Mei^ger  Mania 

n  1998,  the  possible  was  stretched  to  span 
the  Atlantic.  Daimler’s  acquisition  of 
Chrysler  brought  together  two  IT  depart¬ 
ments  that  could  not  have  been  more  dif¬ 
ferent.  Chrysler’s  single  market  emphasis — 
mass-market  cars  and  pickups — along  with 


fact  the  biggest  difference  was  the  culture  of 
the  companies  themselves.  Mercedes  is  all 
about  luxury  and  consistency  while  Chrysler 
has  rarely  ventured  above  the  middle  market 
and  has  survived  by  being  idiosyncratic — 
throwing  out  designs  every  few  years  and 
carving  out  new  categories  like  the  minivan 
and  SUV. 

Supporters  of  the  merger  call  the  two 
companies  complementary,  for  their  differ¬ 
ent  market  emphasis  and  styles,  but  critics 
say  there  is  little  opportunity  for  the  two 
companies  to  save  costs  because  they  lack 
common  ground.  It  has  taken  five  years  for 


man  Schrempp  wanted  to  see  across  the 
company.  So  in  1998,  Unger  got  the  nod 
for  the  top  job.  And  there  was  immediate 
resistance  to  her  vision,  mostly  from  the 
German  side,  which  was  highly  decentral¬ 
ized  and  heavily  outsourced.  “The  Daimler 
IT  organization  was  a  bunch  of  contract 
managers  managing  contracts  with  IT  out¬ 
sourcers,”  says  AMR  Research  Director 
Kevin  Prouty. 

But  Unger  quickly  demonstrated  that  she 
was  willing  to  delegate  technology  leader¬ 
ship  on  projects  to  her  German  lieutenants, 
just  as  she  had  done  in  the  United  States. 
For  example,  technology  projects  running 
at  Mercedes  before  she  took  over  were  left 
in  the  hands  of  the  German  technologists  on 
the  condition  that  they  cooperate  with  their 
American  colleagues  to  bring  them  to 
Chrysler,  if  the  applications  didn’t  already 
exist  here.  She  insisted  that  IT  be  run  glob¬ 
ally  in  just  one  area,  infrastructure,  which  is 
owned  by  Morrotti,  an  American  who  used 
to  be  CIO  of  Mercedes-Benz  USA. 

So  far,  the  only  global  infrastructure  win 
has  been  e-mail:  down  to  a  single  system 
from  16.  Morrotti  faces  a  much  more  diffi¬ 
cult  challenge  in  trying  to  standardize  infra- 


Sue  Unger  continues  to  face  resistance 
from  Germany  in  her  efforts  to 
consolidate  infrastructure  and  apps. 


its  constant  financial  hardships  and  heavy 
geographic  concentration  in  the  Detroit  area 
generated  an  emphasis  on  IT  centralization 
and  standardization.  Daimler,  on  the  other 
hand,  was  a  highly  distributed,  multinational 
company  with  a  number  of  different  business 
units  serving  very  distinct  markets.  Those 
units  all  had  their  own  IT  leaders  and,  in 
more  typical  European  style,  no  overall  chief. 
Each  unit  was  free  to  do  as  it  wished. 

The  press  focused  on  nationality  conflicts 
after  the  acquisition  was  announced,  but  in 


a  truly  codeveloped  product,  the  Crossfire 
sports  car,  to  emerge.  It  combines  one  of 
Chrysler’s  typically  radical,  love-it-or-loathe- 
it  designs  with  Daimler’s  more  refined  hard¬ 
ware  under  the  hood.  But  the  car,  with  its 
high  price  tag — $34,495  for  a  six-speed 
manual — and  limited  production  run,  is 
more  a  symbol  of  cooperation  than  a 
demonstration  of  value  that  has  resulted 
from  combining  the  two  companies. 

Even  so,  Unger’s  success  in  centralizing 
Chrysler  IT  was  a  template  for  what  Chair- 


structure  across  the  oceans — not  just  the 
Atlantic  but  the  Pacific  too,  as  the  combined 
company  is  in  200  countries.  He  is  creating 
four  central  data  centers  around  the  world 
to  serve  both  companies,  which  will  help 
eliminate  some  redundancy.  But  the  heavily 
localized  infrastructure  of  Daimler-Benz — 
each  plant  has  its  own  regional  data  cen¬ 
ter — is  simply  too  difficult  a  nut  to  crack, 
for  now. 

In  the  meantime,  Unger  has  focused 
most  of  her  globalization  effort  not  on  sys- 


54  CIO  JUNE  15,  2003  •  www.cio.com 


To  me,  success  is  a  35  minute  lunch. 


At  a  restaurant,  not  my  desk. 


Means  I'm  not  wasting  time  doing  the 


same  data  management  task  again  and 


again  and  again  and. .. well,  y(^  get  it. 


Save  the  day. 


Consolidate  your  work  by  consolidating  data  from  all  your  different  systems.  One  way  is  with  a  V2X  Shared  Virtual  Array™ subsystem 
and  SnapVantage™software  to  unite  all  your  Linux  virtual  servers.  Or  an  L5500  automated  tape  library  and  T9940B  tape  drive.  There 
are  other  ways,  too.  We'll  help  find  the  one  that's  best.  So  storage  administration  takes  a  smaller  bite  out  of  your  day.  Learn  more 
about  this  story  and  other  ways  we  can  help  you  at  www.savetheday.com  STORACETEK*  Save  the  Day.™ 

/ 


Subsystem 


Cover  Story  |  CIO  of  DaimlerChrysler 


Pulling  Out  of  the  Breakdown  Lane 


$6 


$5  ~ 


$4  - 


in 

c 

o 


n  S3 


m 

^  $2 

o 

CL 

00  ^ 
.E  $1 
ro 

V. 

(U 

Q. 

O  0 


-$1 


-$2 


$5.2  billion  profit 


Daimler  and 
Chrysler  merge 


Chrysler  CIO  Sue  Unger 
survived  the  merger  with 
Daimler.  But  as  the  plunge 
in  Chrysler’s  operating 
profits  show,  the  company 
still  faces  challenges. 


\Manufacturlng 
costs  rise, 


1998 


1999 


Chrysler  slashes 
costs— cutting 
workers, 
closing  plants. 
Unger  starts 
consolidating  IT. 


200 


2002  Years 


$1.9  billion  loss, 
Dow  tumbles 


terns  but  on  people.  She  built  a  standard 
performance  measurement  system  for  both 
sides  of  the  Atlantic  based  on  the  popular 
Balanced  Scorecard  concept.  She  instituted 
a  global  awards  program  to  recognize 
individual  achievement,  another  move  that 
ran  counter  to  the  German  tradition  of 
focusing  on  group  recognition.  And  in  the 
most  controversial  move  of  all,  Unger 
demanded  that  20  percent  of  her  entire 
staff  rotate  inside  or  outside  of  IT  each 
year.  But  Mercedes’  IT  had  a  long  history 
of  specialization  and  resisted.  In  the  end, 
Unger  and  the  Germans  compromised  and 
agreed  to  rotate  18  percent  of  the  global 
staff  each  year. 

Unger  acknowledges  that  it  has  been 
grindingly  difficult  bringing  both  sides 
together,  but  her  people  skills  and  experi¬ 
ence  have  proved  invaluable.  “The  fact 
that  she  listens  to  people,  evaluates  what 


they  have  to  say  and  takes  a  position  that 
is  not  political  is  what  got  her  through  it,” 
Valade  says. 

The  Contest 
Ahead 

Sitting  with  her  lieutenants  in  a  con¬ 
ference  room  at  Chrysler’s  giant 
corporate  center;  Unger  never  lets 
anyone  forget  that  she  is  the  most 
experienced  businessperson  in  the  room. 
Partly  it’s  her  delivery.  She  hits  the  table  with 
her  fist,  she  gets  excited  and  passionate,  she 
laughs  (a  delightful  cackle  of  a  laugh).  She 
can  hold  the  room.  Her  lieutenants  don’t 
have  the  same  poHsh  and  command. 

She  also  spends  a  lot  of  time  cheerlead¬ 
ing.  Despite  spouting  enough  rah-rah  cor¬ 
porate  platitudes  to  make  even  the  most 
seasoned  PR  handler  blush,  Unger  sounds 


like  she  really  means  them.  “We  have  such 
a  great  team  here  in  IT!”  she  chants  over 
and  over. 

Though  Unger  likes  for  her  employees 
to  seem  like  an  inseparable  part  of  the 
groups  they  serve,  she  doesn’t  want  her  full¬ 
time  staff — which  now  numbers  4,400  on 
both  sides  of  the  Atlantic — ever  reporting 
to  anyone  but  her,  another  legacy  of  her 
days  in  finance.  “There  always  has  to  be  a 
solid  line  back  to  IT,”  she  says.  “If  you  let 
it  become  a  dotted  line,  you  start  to  have  a 
division  between  corporate  IT  and  business 
unit  IT.” 

Unger’s  biggest  contest  may  lie  ahead. 
She  continues  to  face  resistance  from  Ger¬ 
many  in  her  efforts  to  consolidate  infra¬ 
structure  and  apps.  She  spends  a  grueling 
two  weeks  out  of  every  month  in  Stuttgart 
trying  to  influence  the  man  she  reports  to, 
Schrempp.  He  is  an  intimidating  character, 
an  engineer  by  training.  At  best,  he  is 
described  as  tough  but  fair.  At  worst,  he  is 
described  as  an  arrogant  bully  who  lacks 
faith  in  Chrysler’s  American  managers.  In 
a  tough  economy,  where  Chrysler  has  lost 
market  share  since  the  merger,  Unger  has 
to  prove  herself  each  month  when  she  gets 
on  the  private  corporate  plane  to  go  to 
Stuttgart. 

After  the  merger;  Schrempp  decreed  that 
three  functional  areas  of  the  two  compa¬ 
nies — ^finance,  procurement  and  supply,  and 
IT — should  become  truly  integrated  and 
global.  Valade,  who  presides  over  the  global 
procurement  and  supply  effort,  says  Unger 
has  the  most  difficult  challenge  of  the  three. 
“The  finance  people  knew  they  needed  one 
chain  of  command,  and  the  procurement 
people  quickly  recognized  that  we  could 
save  a  lot  by  doing  global  purchasing,”  says 
Valade.  “But  there  is  a  lot  more  resistance 
within  IT” 

■  Unger;  in  other  words,  has  her  work  cut 
out  for  her.  But  if  anyone  can  do  it,  her  for¬ 
mer  mentor  implies,  she  can.  Pna 


If  you  want  to  lay  any  bets  on  Unger's  future  at 
DaimlerChrysler,  let  Executive  Editor  Christopher 
Koch  know  at  ckoch@cio.com. 


56  CIO  JUNE  15,  2003  •  www.cio.com 


PARIS 


TRENDLABS: 


LOS  ANGELES 


MUNICH 


TAIPEI 


TOKYO 


ss:  MANILA 


-i  A 


From  his  desk 
at  TrendLabs 
Los  Angeles 
Joseph  Miller,  Ph.D. 

joins  a  team 
of  antivirus  experts 
^working  worldwide 
to  uncover  data 
security  answers 
enterprise-wide 


Qftice. 


JWgi||pvo  e;:gif 


iW#i 

:®®gl 

*^5.V--  ■;V.'  ■  4 

^  . ' 

r4- 'Vv.’ 
evs— -V.-r..-^.- 

■o  ■  ■•<'■  ■  -*■/■ 


SMARTER  DATA  SECURITY  DOES  WHAT  SOFTWARE  ALONE  CAN’T:  Wherever  viruses  attack,  Trend  Micro 
is  near  at  hand  with  a  global  force  of  content  security  experts  backed  by  the  only  integrated  approach 
to  address  the  entire  attack  lifecycle.  Only  Trend  Micro'"  Enterprise  Protection  Strategy  provides 
attack-specific  products  including  everything  from  Outbreak  Prevention  policies  to  Damage  Cleanup 
templates — all  delivered  while  the  attack  develops  so  you  can  better  manage  the  threat  and  minimize  costs. 
To  find  out  how  Trend  Micro's  best-of-breed  products  and  services  backed  by  the  vigilance  of  TrendLabs 
engineers  can  help  you  manage  every  stage  of  a  virus  outbreak,  visit  www.trendmicro.com/products/eps. 


TREND, 

M.  ‘r  <3 -  R  O  - rV"  Not-ori  Qtar  Watch.. 


JNfJ*' •  .•  '*"•  --Jr  ;  vft.  ^  V  •.  •- *•  ,  ■-  •'  —  V*.  ..  .^,v 

.r.'-  ■■  ^  -■ 

’*  ■VC'jDhAa  Trkfa/4  Tnrftrrv-^rAfftrf.  AH  rirthis'VeservfiH.  TVetid-Micro  artd  fho  t- 


^  ^2b03  Tr®hdWicro  Incorporated.  /U1  rights' rl^ervfid.  TVerid-lj^cro  arid  fho  l-bAlI  logo  are  trademarks  or'te^slere^  tradeinark^  of  Trend  Micro*  incorporated*  All  other 

yj.y:-'  l‘_  ."coiupany  an^/or  producinames  may  be  trademarks  or  registered  trademarks  of  their  owners.  .  •* 


ILLUSTRATION  BY  BRIAN  STAUFFER 


E-Procurement 


WTO  KNOW  IF 


gUREMENT 

IS  RIGHT  FOR  YOU 


While  some  companies  have  achieved  price  reductions  through 
online  sourcing,  the  focus  of  e-procurement  initiatives  today  is 
process  efficiency.  Here’s  how  to  decide  if,  what  and  how  you  should 
buy  electronically,  by  malcolm  wheatley 


AT  ITS  PEAK  in  March  2000,  the  stock  price 

of  e-procurement  software  vendor  Ariba  reached  $183.  In 
May  2003,  it  traded  at  $3.  Another  e-procurement  vendor. 
Commerce  One,  saw  its  stock  peak  even  higher — an  eye¬ 
popping  $330.  Its  shares,  too,  have  recently  become  but  a 
shadow  of  their  former  glory  at  just  $2 — and  that’s  after  a 
reverse  1-for-lO  split  in  September  2002.  Without  that,  the 
shares  would  be  trading  at  20  cents. 

But  while  the  stocks  of  once-high-flying  e-procurement 
companies  have  come  crashing  to  earth  due  to  excessive  expec¬ 
tations,  the  dotcom  bust  and  the  vagaries  of  the  market, 
e-procurement  itself  is  quietly  booming.  Studies  by  AMR 
Research  show  that  17  percent  of  the  companies  that  don’t  yet 
have  sourcing  and  procurement  applications  plan  to  implement 
them  in  the  next  year.  “This  is  the  highest  percentage  of  any 
packaged  applications  category  in  the  market  today,”  says  Pierre 


Mitchell,  vice  president  of  research  at  AMR.  “That  is  a  market 
growth  of  12  percent,  up  from  $1.7  billion  in  2002  to  $1.8  bil¬ 
lion  in  2003.” 

Explaining  e-procurement’s  allure  isn’t  difficult.  After  a 
rocky  start,  it’s  finally  delivering  the  goods.  The  software  has 
matured;  there’s  a  critical  mass  of  suppliers  to  buy  from;  inter¬ 
nal  systems — front  and  back — 
are  better  equipped  to  deal  vdth 
e-procurement.  The  list  goes  on. 

Today  it’s  possible  to  buy  almost 
anything  electronically. 

Which  is  not  the  same  as  say¬ 
ing  that  everything  should  be 
bought  electronically.  Deciding 
whether  to  invest  in  e-procure- 
ment  applications — whether  or 


Reader  ROI 

►  The  questions  you  should 
ask  before  deciding  on  an 
e-procurement  strategy 

►  The  new  tools  that  facilitate 
online  purchasing 

►  How  CIOs  have  managed  their 
companies’  expectations 


www.ciQ.com  •  JUNE  15,  2003  CIO  59 


E-Procurement 


How  to  think  about  your 
e-procurement  decision 

Is  the  value  of  the  spend  high  or  low? 

Is  the  product  or  commodity  highly 
substitutable  or  not? 

Is  there  a  lot  of  competition  or  a  little? 

How  efficient  are  your  internal 
processes? 


not  your  business  can  benefit  from  electronic 
sourcing  and  purchasing — it  turns  out,  is  a 
much  more  difficult  call.  Pens,  paper  clips 
and  copier  paper  are  one  thing.  Complex, 
made-to-order  engineered  components  are 
quite  another. 

THE  QUESTIONS  YOU 
MUST  ASK  YOURSELF 

-procurement  implementations  often 
simply  facilitate  the  catalog-based 
buying  of  indirect  materials  such  as 
office  supplies.  The  ROI  of  those  imple¬ 
mentations  is  invariably  good.  Rarely,  how¬ 
ever,  are  they  earthshaking.  Savings  on  office 
supplies  can  only  boost  a  bottom  line  so  far. 

Moving  beyond  this  stage — -from  calen¬ 
dars  and  Post-its  to  direct  materials  (the  stuff 
that  goes  into  your  product)  and  the  various 
services  that  a  company  buys,  such  as  con¬ 
sulting,  auditing  or  janitorial  services — is 
hard.  If  a  company  makes  large  purchases 
of  strategically  important  raw  materials  or 
components,  it  usually  does  so  in  multi- 
million-dollar  deals.  These  are  often  negoti¬ 
ated  over  weeks  and  months,  arranging  for 
supplies  for  up  to  a  year  ahead.  In  such  envi¬ 
ronments,  runs  the  argument,  e-procurement 
adds  little  value.  It  may  even  get  in  the  way. 

But  e-procurement  can  deliver  more  than 
just  lower  prices.  Indeed,  the  net  impact  of 
its  other  characteristic  deliverables — better 
productivity,  faster  processing,  greater  visi¬ 
bility,  the  elimination  of  maverick,  or 
unplanned,  ad  hoc  buying — can  have  a 
much  higher  ROI  than  what  can  be 
achieved  by  shaving  a  few  pennies  off  price. 

“The  bottom  line  [on  e-procurement] 
depends  on  your  company  and  what  it’s 
buying,”  concludes  Scott  Elliff,  president  of 
Capital  Consulting  and  Management. 

Elliff  suggests  that  a  CIO  evaluating  the 
pros  and  cons  of  e-procurement  ask  himself 
the  following  questions. 

■  Is  the  value  of  the  spend  high  or  low? 

■  Is  the  product  or  commodity  highly  sub¬ 
stitutable  or  not? 

■  Is  there  a  lot  of  competition  or  a  little? 

■  How  efficient  are  your  internal  processes? 

Rather  than  rushing  to  automate  for 


automation’s  sake,  those  are  the  sorts  of  fac¬ 
tors  that  require  consideration. 

CHOOSING  THE 
E-PROCUREMENT  MEAL 
THAT  WORKS  FOR  YOU 

Fast  Food:  Keeping  It  Simple. 

At  Applied  Industrial  Technologies, 
price  negotiation  remains  in  the 
hands  of  the  product  managers  in  charge  of 
each  category.  The  focus  of  the  company’s 
e-procurement  is  on  making  internal 
processes  more  efficient  through  the  paper¬ 
less  processing  of  orders,  receipts  and 
invoices.  An  internally  developed  inventory 
management  application  gathers  require¬ 
ments  from  more  than  400  Applied  service 
centers  across  Canada,  Mexico,  Puerto 
Rico  and  the  United  States,  and  then  sends 
them  to  suppliers  via  EDI. 

This  isn’t  rocket  science,  but  it  meets  the 
needs  of  the  $1.5  billion  distributor  of  indus¬ 
trial  components  that  stocks  2  million  dif¬ 
ferent  items,  including  bearings,  motors, 
pumps,  valves,  couplings  and  the  other 
highly  substitutable  building  blocks  of  man¬ 
ufactured  products.  And  those  blocks  are 
provided  by  suppliers  competing  in  an 
intensely  price-sensitive  market.  Applied  CIO 
Jim  Hopper  eschews  newer  technologies  like 
XML  in  favor  of  tried-and-trusted  EDI 
because,  as  he  says,  EDI  “has  been  around 
for  20  years,  works  and  is  very  cheap  for  us 
to  administer.  There’s  a  ton  of  people  who 
know  EDI  intimately  but  only  a  handful 


who  know  XML  that  well. 

“We’ll  do  EDI  with  anyone 
that  has  the  capability,”  adds 
Hopper,  “and  help  them  to  get 
that  capability  if  they  haven’t 
got  it.” 

Similarly,  Webasto  Roof  Sys¬ 
tems,  a  $300  million  subsidiary 
of  Germany-based  automobile 
roof  and  thermo  systems  manu¬ 
facturer  Webasto  AG,  has  been 
adopting  e-procurement  strate¬ 
gies  to  make  its  internal  process 
more  efficient,  while  keeping 
sourcing  decisions  and  price 
negotiations  offline. 

CIO  Mike  Thibideau  credits  e-procure- 
ment  with  reducing  inventories  by  15  per¬ 
cent,  generating  $1.5  million  of  cash  flow 
and  reducing  annual  inventory  carrying 
costs  by  $180,000.  All  that,  and  the  system 
is  still  only  30  percent  implemented. 

Using  technology  developed  by  enterprise 
system  vendor  QAD,  Webasto ’s  150  direct 
material  suppliers  download  all  the  infor¬ 
mation  they  need  to  know  to  ship  the  parts 
and  materials  for  Webasto ’s  sunroofs  and 
convertible  tops. 

“Because  all  they  need  is  a  Web-browser, 
it’s  less  intrusive  than  EDI,  and  less  expen¬ 
sive — especially  for  the  suppliei;  who  doesn’t 
have  to  pay  anything,”  says  Thibideau. 

Armed  with  knowledge  about  future 
requirements,  he  explains,  it’s  much  easier 
for  Webasto ’s  suppliers  to  fill  those  require¬ 
ments  just  after  parts  are  used  and  not 
before,  hence  the  inventory  savings.  Eor 
example,  suppliers  of  items  as  diverse  as 
glass  and  electronic  control  modules  can 
now  log  on  to  see  how  Webasto ’s  produc¬ 
tion  schedule  affects  demand  for  the  parts 
they  produce.  Suppliers  can  then  compare 
the  inventory  Webasto  is  holding  to  the 

cioxom  Has  Detroit  gpt  e-procure¬ 
ment  figured  out?  Maybe,  maybe  not.  Read 
COVISINT’S  LAST  CHANCE  about  Motor 
City's  supply  chain  portal,  and  you  decide. 

Find  the  story  at  www.cio.com/ec. 


60  CIO  JUNE  15,  2003  •  www.cio.com 


minimum  and  maximum  levels  the  com¬ 
pany  preset,  and  decide  for  themselves 
when  to  ship  a  particular  part  and  how 
much  of  it  to  ship. 

The  Full  Banquet:  E-Everything. 

At  the  other  end  of  the  spectrum  are 
businesses,  such  as  Reliant  Pharma¬ 
ceutical,  that  have  gone  whole  hog,  seeking 
savings  from  items  where  compressibility 
and  substitutability  make  that  possible,  and 
settling  for  internal  efficiencies  where  it  isn’t. 

Reliant  decided  in  2002  to  buy  everything 
electronically — from  janitorial  supplies  to 
the  products  that  it  sells.  It’s  true  that  the 
relatively  straightforward  nature  of  its  busi¬ 
ness  made  this  easier;  the  drugs  it  sells  are 
manufactured  by  pharmaceutical  giants  such 
as  Novartis  and  Lilly,  thereby  eliminating 
direct  materials  as  such.  Even  so,  says 
Reliant  CIO  Ron  Calderone,  “100  percent 
of  our  purchases  now  go  though  Ariba: 
lodging,  travel,  office  supplies,  sales  litera¬ 
ture,  the  products  we  sell,  you  name  it.” 

Previously,  for  Reliant  to  process  a  typical 
purchase  order  required  21  “touches” — 
approvals,  logging,  classifying  and  the  like — 
and  took  between  one  and  three  months  to 
move  through  the  system.  It  was  also  difficult 
to  enforce  any  consistent  company  purchasing 
policy,  and  Reliant’s  back-office  system  pro¬ 
vided  very  little  procurement  information  with 
which  to  leverage  price  concessions  from  sup¬ 
pliers.  In  the  first  year  of  its  Ariba  implemen¬ 
tation,  says  Calderone,  10  percent  of  Reliant’s 
purchases  were  electronic,  contributing  to  an 
ROI  of  65  percent.  He  estimates  the  second 
year  ROI  will  be  400  percent. 

A  la  Carte:  Picking  and  Choosing 
Among  E-Procurement  Strategies. 

Moving  to  emulate  Reliant’s  com¬ 
prehensive  levels  of  e-procurement  may 
seem  daunting.  In  fact,  it’s  easier  than  it  first 
may  appear.  The  traditional  distinction 
between  direct  materials  (those  that  go  into 
the  finished  product)  and  indirect  materials 
(those  that  don’t)  often  obscures  more  than 
it  illuminates.  More  enlightening  are  those 
factors  that  apply  to  both  direct  and  indi¬ 


rect  materials:  substitutability  (where  one 
widget  is  as  good  as  another)  and  com¬ 
pressibility  (squeezing  suppliers  to  force 
them  to  lower  their  prices).  In  short,  if  you 
can  put  it  in  a  catalog  and  describe  it 
through  standard  parameters,  then  you  can 
source  it  electronically. 

Take  items  such  as  pumps,  motors, 
switches,  electronic  components  and  valves. 
Those  are  clearly  direct  materials,  but  they 
also  exhibit  high  levels  of  substitutability 
and  compressibility.  One  manufacturer’s 
motor  or  pump  is  likely  to  be  very  similar  to 
any  other  one  that  meets  your  specifications, 
and  therefore  your  suppliers  are  likely  to  be 
competing  on  price. 

Bill  Lawson,  CIO  at  electronic  instrument 
and  motor  manufacturer  Ametek,  reckons 
that  asking  Elliff’s  questions  at  his  company 
has  resulted  in  an  average  20  percent  savings. 
His  company  now  sources  12  commodity 
groups  of  substitutable  and  compressible 
items  (among  them  machine  tooling,  electrical 
supplies  and  computer  hardware)  through  an 
Oracle  Exchange  e-procurement  portal.  “We 


have  access  to  around  one  and  a  half  million 
SKUs  [inventory  items]  through  catalogs 
maintained  by  our  suppliers,”  says  Lawson. 

Even  so,  apart  from  obvious  items  such 
as  electronic  components,  bearings  and  adhe¬ 
sives,  which  meet  the  substitutable  and  com¬ 
pressible  criteria,  Lawson  is  leery  of 
embracing  e-procurement  for  direct  materials 
too  quickly.  The  reason?  Through  direct 
negotiation,  buyers  can  at  present  get  a  bet¬ 
ter  deal,  especially  when  grouping  different 
items  together  into  a  single  buy.  “At  the 
moment,  we  believe  that  direct  material  and 
components  are  best  handled  though  rela¬ 
tionships  between  our  purchasing  people  and 
our  suppliers,”  Lawson  says.  “The  more 
important  the  item,  the  more  true  that  is.” 

For  example,  Ametek  uses  a  lot  of  copper 
wire — around  $12  million  worth  a  year. 
Large  and  carefully  negotiated  deals  with  sup¬ 
pliers  might  embrace  many  months  of  sup¬ 
ply,  right  across  the  couple  of  dozen  or  so 
wire  gauge  sizes  that  the  company  buys.  In 
reality,  purchase  orders  for  wire  are  releases 
against  a  prenegotiated  contraa,  at  stipulated 


Right  now,  do  you  know  whatyou’re  spending  on  temps? 
You  would  if  you  had  hired  them  online. 


SERVICES  COMPOSE  A  LARGE  and  growing  slice  of  corporate  expendi¬ 
ture— on  average  a  third  of  total  spend,  according  to  research  from  the 
Center  for  Advanced  Purchasing  Studies.  Tim  Reed,  vice  president  of 
product  strategy  for  service  procurement  software  provider  Elance,  adds,  “In  some 
industries,  such  as  entertainment,  insurance  and  finance,  it  can  be  a  lot  higher.” 

And  the  management  of  service  procurement  is  often  poor.  For  example,  look  at 
contract  labor.  “On  any  given  day,  ask  a  Fortune  1000  company  how  many  tempo¬ 
rary  workers  they  have,  how  much  they  are  paying  them,  what  their  total  spend 
including  fees  will  be  and  what  accrued  expenditure  is  owed  to  suppliers,  and  they 
won't  know,"  says  Elaine  Taylor,  president  of  consultancy  Taylor-Harris. 

Accordingly,  says  Toby  Redshaw,  Motorola’s  corporate  vice  president  of  IT 
strategy,  architecture  and  e-business,  the  electronics  manufacturer  intends  to  e- 
procure  just  about  every  service  the  company  buys— with  one  exception:  benefits. 

"As  with  most  companies,  benefits  have  been  a  big  deal  at  Motorola  for  over 
10  years  now,  and  the  area  is  pretty  tightly  managed,"  he  says.  “We'd  be  polishing 
the  shine  on  the  silver,  rather  than  adding  any  value.”  -M.  W. 


www.cio.com  •  JUNE  15,  2003  CIO  61 


E-Procurement 


prices.  That  kind  of  sophisticated  agreement 
requires  the  personal  touch.  A  catalog-based 
buy,  oriented  around  a  single  catalog  item, 
would  not  allow  for  the  same  critical  degree 
of  elasticity  and  would  lock  Ametek  into  a 
potentially  disadvantageous  spend. 

But  even  here,  e-procurement  is  beginning 
to  encroach  on  the  buyers’  preserve  of  find¬ 
ing  and  negotiating  with  suppliers. 

“We  certainly  engage  in  a  lot  of  Internet 
activity  to  locate  and  qualify  suppliers, 
although  I  wouldn’t  necessarily  characterize 
that  as  e-procurement,”  Lawson  says.  “We 
might  even  hold  an  electronic  auction.  But 
after  that,  the  transactions  would  be  releases 
against  a  contract.” 

Some  companies  go  even  further  toward 
using  e-procurement  for  everything  they  buy, 
although  again,  the  objective  is  often 
improved  efficiencies,  leaving  sourcing  deci¬ 
sions  and  price  negotiations  to  the  experts. 
At  ImagePoint,  which  designs,  manufactures 
and  puts  up  outdoor  signs  for  retailers  such 
as  McDonald’s,  Pizza  Hut  and  Taco  Bell, 
e-procurement  already  embraces  both  direct 
and  indirect  material  spend  but  not  yet  serv¬ 
ices,  says  Vice  President  of  Information  Ser¬ 
vices  Steve  Hammond.  Aluminum,  steel, 
fasteners,  wood,  plastic  sheets — everything 
that  goes  into  constructing  ImagePoint’s 
signs  has  been  sourced  through  software 
from  SupplyWorks  since  early  2002.  Indi¬ 
rect  materials — everything  else,  in  fact — uti¬ 
lized  the  Web-based  buying  tools  supplied 
by  specialist  indirect  material  suppliers,  such 
as  Granger,  Insight  and  Staples.  The  incen¬ 
tive  for  moving  direct  materials  onto  Sup¬ 
plyWorks,  explains  Hammond,  was  better 
productivity  in  the  buying  department  that 
allowed  buyers  to  do  what  they  ought  to 
do — buy  better,  not  shuffle  paper. 

Instead  of  printing  purchase  orders  then 
faxing  or  mailing  them  to  suppliers  and 
then  finally  chasing  the  suppliers  for  order 
confirmations,  ImagePoint’s  procurement 
requirements  are  fed  directly  from  its  eld¬ 
erly  enterprise  system  into  the  SupplyWorks 
system. 

“The  time  that  our  purchasing  agents  used 
to  spend  chasing  paper  is  freed  up  so  that 


they  can  now  spend  more  time  working  and 
negotiating  with  existing  vendors,  and  qual¬ 
ifying  new  ones,”  says  Hammond.  “Their 
jobs  used  to  be  transaction-based.  Now  they 
are  performing  a  higher  value  role.” 

Already,  that  higher  value  role  is  deliver¬ 
ing  a  bottom-line  benefit.  The  company  is 
on  track  to  achieve  a  10  percent  reduction  in 
its  annual  purchase  spend  of  $32  million.  It 
is,  points  out  Hammond,  “a  very  sizeable 
return  on  our  investment.”  In  addition,  the 
plan  is  to  grow  the  business  by  6  percent  to 
8  percent  this  year,  but  without  hiring  any 
more  purchasing  agents.  Previously,  the  size 
of  the  business  and  the  purchasing  function 
pretty  much  moved  in  lockstep. 

THE  NEW  TOOLS 

-procurement  used  to  be  about  deal¬ 
ing  with  low  value,  repeatable  items 
that  clog  up  your  purchasing  func¬ 


tion,”  says  Prasad  Hedge,  a  partner  with 
Denali  Consulting.  “Over  the  past  couple  of 
years,  the  tools  have  started  to  become  more 
collaborative  and  not  just  transactional.” 

MSX  International,  an  $800  million  busi¬ 
ness  specializing  in  providing  supply  chain 
management  and  procurement  services  to 
the  global  automotive  industry,  is  using 
newly  available  collaborative  technology 
from  Commerce  One  to  buy  items  and  serv¬ 
ices  as  varied  as  printer  cartridges  and  con¬ 
tract  labor  for  its  automotive  customers.  The 
company  issues  RFPs  (accompanied  by 
CAD  drawings  and  specifications),  solicits 
bids  and  responds  to  suppliers’  requests  for 
additional  information — all  over  the  Web. 

“It’s  the  electronic  equivalent  of  a  bidding 
conference,  using  the  Web  to  interact  with  a 
greater  number  of  suppliers,”  says  Troy 
Gazette,  director  of  IT  platform  strategies 
for  MSX.  Answers  to  suppliers’  questions 


Taking  purchasing  power  away  from  the  amateurs 


WITH  AN  ANNUAL  ONLINE  SPEND  of  $3.2  billion,  Motorola  is  among 
^  the  global  leaders  in  e-procurement.  “The  vast  majority  of  the  physical 

goods  that  we  purchase  are  now  bought  online,”  says  Toby  Redshaw, 
Motorola’s  corporate  vice  president  of  IT  strategy,  architecture  and  e-business. 

Now  Redshaw  is  turning  his  attention  to  the  e-procurement  of  things  other 
than  physical  goods— the  $2  billion  to  $3  billion  Motorola  currently  spends  on 
services  such  as  consulting,  temporary  labor,  marketing,  R&D  and  cleaning— and 
the  advantages  to  be  gained  by  professionalizing  the  procurement  process  and 
taking  purchasing  power  away  from  users. 

The  key  to  this  last  strategy  comes  from  a  lesson  the  company  learned  from  e- 
procuring  physical  items:  Users  make  poor  buyers. 

“We  have  great  storage  guys  and  great  networking  guys,  but  that  doesn't  make 
them  great  buyers  of  storage  and  networking,”  says  Redshaw.  For  that,  he  says, 
“You  need  fierce  purchasing  professionals  with  piranha  and  bulldog  genes  built 
into  their  genomes;  We  call  them  ‘deal  sharks.’” 

The  main  boost  to  operating  income,  however,  will  come  from  securing  better 
prices  from  service  providers  and  ensuring  that  both  sides  stick  to  a  deal,  once 
struck.  “You  can  spend  a  lot  of  time  negotiating  a  fantastic  global  contract  with  a 
consulting  or  accounting  firm,  only  to  find  that  the  people  on  the  ground  in 
Brussels  or  Beijing  either  don’t  know  about  it,  or  say  that  they’ve  got  a  good  deal 
locally  that  they  intend  to  continue  with,”  says  Redshaw.  -M.  W. 


62  CIO  JUNE  15,  2003  •  ww’w.c/o.com 


All  those  who  want  more  wireless 

with  less  worry 


•  •  • 


Technology  Risk 


Wireless  networks  offer  businesses  several  advantages.  Increased 
mobility,  design  flexibility,  lower  costs.  But  as  with  most  new 
technologies,  design  focuses  on  functionality  -  not  risk. 
^  Wireless  technologies  do  not  have  the  physical  access 

{  restrictions  used  in  traditional  wired  environments.  They  make 

it  possible  for  someone  in  the  lobby  or  across  the  street  to  have 
access  to  a  network  carrying  patient  or  employee  information, 
sensitive  corporate  data,  or  trade  secrets. 

Are  your  wireless  access  points  configured  with  adequate 
security?  Has  your  business  taken  steps  to  prevent  hackers 
from  exploiting  your  information?  Do  you  know  your 
vulnerabilities?  “War  driving.”  “Net  stumbling.”  “War  chalking.” 
“LAN  jacking.”  From  wireless  to  business  continuity, 
infrastructure  management  to  security  and  privacy,  Protiviti 
helps  you  identify,  measure  and  manage  the  technology  risks 
that  threaten  your  business  objectives.  That  way,  you  can 
manage  your  risks,  not  just  react  to  them. 


Protiviti  is  the  leader  in  independent  risk  consulting  and 
internal  audit  services.  We  provide  international  services  for 
established  and  emerging  companies  to  help  them  inde¬ 
pendently  identify,  measure  and  better  manage  risk.  Our  Big 
Four  experience  ensures  years  of  expertise  in  a  wide  range  of 
industries.  So  whether  your  challenge  is  reporting  accurate 
results,  maximizing  the  value  of  technology  or  adopting 
business  controls  you  can  trust,  Protiviti  delivers  quantifiable 
solutions  that  make  a  difference...  Are  you  ready  to  Say  i? 

For  more  information  visit  protiviti.com  or  call 
1.888.556.7420. 


Visit  KnowledgeLeader.com  today  for  a  free  30-day  trial. 

^  KnowledgeLeader.com  provides  exclusive  tools,  resources  and 
best  practices  to  help  internal  auditors  and  risk  professionals. 


Internal  Audit 


©  2003  Protiviti  Inc.  EOE 


Business  Risk 


Technology  Risk 


E-Procurement 


can  be  broadcast  to  the  entire  pool  of  ven¬ 
dors,  or  not,  depending  on  the  automotive 
customer’s  own  preferences. 

Applying  optimization  technology  to  pro¬ 
curement  is  another  area  that  is  hotting  up. 


their  part,  can  evaluate  those  bonuses.  In 
one  sense,  it’s  the  answer  to  Ametek’s  prob¬ 
lem  of  moving  its  wire  buying  online. 
Instead  of  forcing  bidders  to  bid  for  every 
one  of  the  couple  of  dozen  wire  gauges  the 


straightforward  endorsement  of  the  bottom- 
line  benefits  of  expressive  bidding.  Last  yeag 
the  company  sought  expressive  bids  for  its 
Nafta  ocean-going  freight  business.  “We 
weren’t  very  confident  that  we’d  see  lower 


To  manage  the  expectations  of  an  e-procurement  effort, 

it’s  important  to  remember  that  the  ROI  will  come  only  partly 

through  lower  purchasing  prices.  The  rest  will  come  from 
efficiency  improvements  within  the  buying  process. 


especially  with  multi-item  lots.  “Run  a  buy 
through  an  auction,  and  you  might  get  an 
8  percent  savings.  Run  that  same  buy 
through  an  optimization  engine,  and  you’ll 
get  another  8  percent,”  asserts  John  Fontana, 
a  principal  with  sourcing  and  supply  chain 
management  company  Tigris  Consulting. 

One  of  the  beauties  of  optimization,  he 
explains,  is  that  it  frees  both  buyers  and  sell¬ 
ers  from  the  strait]  ackets  of  fixed  bundles  of 
goods  or  services  against  which  bids  are 
solicited.  That  means  that  online  buyers  and 
sellers  can  now  do  something  they  once 
couldn’t.  Sellers  can  bid  for  selected  parts  of 
lots,  or  include  in  their  offering  nonstandard 
terms  such  as  volume  discounts,  extended 
price  validities  or  other  goodies  not  explicitly 
covered  by  the  bidding  terms.  Buyers,  for 


Leading  Vendors 
of  E-Procurement 


Ariba:  www.ariba.com 

CombineNet:  www.combinenet.com 

Commerce  One:  www.commerceone.com 

Elance:  www.elance.com 

Oracle:  www.oracle.com 

QAD:  www.qad.com 

SupplyWorks:  www.supplyworks.com 


company  uses,  bidders  can  bid  to  their 
strengths  and  sweeten  those  bids  with  vol¬ 
ume  discounts,  or  fix  them  for  a  period  of 
time.  It  doesn’t  sound  too  difficult,  but  in 
practice,  disentangling  the  merits  of  a  dozen 
suppliers’  different  bids  is  surprisingly  chal¬ 
lenging — ^which  is  why  companies  have  usu¬ 
ally  opted  to  enforce  standardization  in  the 
first  place. 

Both  Procter  &  Gamble  and  Bayer  have 
recently  deployed  optimization  technology 
from  CombineNet  that  allows  suppliers  to 
submit  these  so-called  expressive  bids  and 
buyers  to  evaluate  them.  The  optimization 
involved,  says  Dennis  Begg,  Procter  & 
Gamble’s  associate  director  of  purchase 
innovation,  “is  a  combination  of  linear  pro¬ 
gramming  and  mixed-integer  programming, 
coupled  to  a  very  efficient  solver.” 
(A  solver  is  a  piece  of  software  that 
works  out  difficult  calculations.) 
Boiled  down,  for  those  that  can 
remember  Economics  101,  it’s  sim¬ 
ilar  to  applying  the  law  of  com¬ 
parative  advantage  to  everyday 
purchases. 

“Auctions  are  a  zero-sum 
game,”  explains  Begg,  “but  by 
allowing  suppliers  to  bid  to  their 
own  strengths,  and  squeeze  out 
their  own  inefficiencies,  expressive 
bidding  adds  value.” 

Tom  Phalin,  director  of  logistics 
procurement  at  Bayer,  has  a 


prices  at  all,”  he  says.  “But  in  the  event,  we 
reduced  our  ocean  freight  costs  by  15  per¬ 
cent,  signing  contracts  with  11  separate 
steamship  companies.”  This  year,  Bayer  is 
repeating  the  process  on  a  global  scale. 

THE  E-PROCUREMENT 
FUTURE 

Today,  both  the  technology  and  the 
buyer’s  expectations  have  matured 
to  the  point  where  e-procurement 
can  genuinely  be  used  to  source  things  other 
than  catalog-based  indirect  goods.  Direct 
materials,  and  the  services  that  companies 
buy  (see  “At  Your  E-Service,”  Page  61),  are 
now  real  options  for  mainstream  busi¬ 
nesses — and  not  just  for  the  few  companies 
whose  business  models  and  operations  lend 
themselves  to  it. 

To  manage  expectations  of  an  e-procure¬ 
ment  effort,  it’s  important  to  remember  that 
the  ROI  will  come  only  partly  through 
lower  purchasing  prices.  The  rest  of  the 
return  will  come  from  efficiency  improve¬ 
ments  within  the  buying  process.  And  the 
job  of  moving  those  improvements  from  the 
theoretical  to  the  practical  often  falls  upon 
the  CIO.  HH 

If  you  have  e-procurement  experiences  you’d  like  to 
share  with  your  peers,  you  can  address  them  to 
letters@cio.com.  Malcolm  Wheatley  is  a  U.K.-based 
freelancer  who  writes  frequently  on  enterprise  com¬ 
puting  initiatives. 


64  CIO  JUNE  15,  2003  •  www.cio.com 


iGRJR; 

p  MAKE  SENSE  ^ 
pR  OUTSOURCING^ 
RTUNITIES  p.4 


OUTSOURCING 

STRATEGIES 


OFFSHORE^PTIONS 

p:ie 


MEASURING  SUCCESS 
p:17 


TIPS  FROM  THE 
TRENCHES  p.18 


Knocks 


Custom  Publishing 
Advertising  Supplement 


HOW  TO  GET  THE  MOST  OUT  OF  OUTSOURCING 


|v 


MAXIMIZE  I.T  EFFECTIVENESS 

ii 

With  over  35  years  of  experience,  Spherion'^  Technology  helps  desk  support  24-7,  enabling  them  to  avoid  a  potential  $15 
clients  maximize  the  value  of  their  IT  investments  through  million  in  lost  business  per  year.  Which  is  why  nearly  90%  of 
effective  planning  and  implementation  of  IT  solutions.  For  a  •  ' companies  who  use  us,  continue  to  use  us  to  make  their 
leading  pharmaceutical  provider,  this  meant  providing  help  workplace  work  better. 


::  Technology 

Services 


CIO  ADVERTISING  SUPPLEMENT 


OPPORTVNITT  KNOCKS  I  THE  AGENDA 


OUTSOURCING  TODAY: 

MORE  OPTIONS  THAN  EVER  BEFORE 


ever  have  there  been  so 
many  choices. 

As  we  assess  all  of  the 
outsourcing  options  mid¬ 
way  tlirough  2003,  we  see 
a  broader,  deeper  menu  of 
choices  than  ever  before  in 
the  outsourcing  industry’s 
14  short  years.  We  see 
selective  outsourcing  and  soup  to  nuts; 
onshore,  offshore  and  nearshore  ven¬ 
dors;  security  outsourcing  as  a  strategy, 
and  business  process  outsourcing  as  a 
new  way  of  life. 

And  as  we  look  beyond  what’s 
being  outsourced  and  to  whom,  we  see 
a  smarter  set  of  customers  than  ever 
before.  They  have  a  better  sense  of  how 
to  get  into  a  good  outsourcing  deal,  as 
well  as  how  to  get  out  of  a  bad  one. 

Of  course,  some  issues  don’t  go 
away.  Vendor  selection  remains  the  fun¬ 
damental  issue  in  outsourcing  -  “How  do 
I  know  which  is  the  right  vendor  to  meet 
my  needs!*”  -  and  with  more  options  than 
ever,  the  decision  is  that  much  more  com¬ 
plicated.  Vendor  management  is  the  other 
big  ongoing  challenge  -  “How  do  I  cre¬ 
ate  the  right  contract/service  level  agree- 
ments/ROI  metrics!*”  We  have  solid 
methodologies  and  tools  to  meet  these 
goals  today,  but  they  don’t  make  vendor 
management  any  easier.  Outsourcing 
remains  an  engagement,  and  for  it  to  suc¬ 
ceed  then  parties  on  both  sides  of  the  deal 
have  to  remain  fully  engaged. 

Sourcing  strategies,  vendor 
selection  and  day-to-day  manage¬ 
ment.  These  are  among  the  topics 
featured  prominently  in  this  issue  of 
Strategic  Directions. 


BY  TOM  FIELD 

Strategic  Directions  is  the  ongoing 
series  of  CIO  Magazine  supplements, 
produced  by  CIO’s  Custom  Publishing 
group,  focusing  on  the  key  business-crit¬ 
ical  technologies  and  solutions  of  the  day. 
Through  research,  analysis,  case  studies 
and  vendor  profiles.  Strategic  Directions 
provides  an  executive-level  primer  to  the 
hot  topics  on  the  minds  of  senior  IT  and 
business  leaders.  Outsourcing,  clearly,  is 
one  of  today’s  hottest  topics. 

Please  let  us  know  what  you  think 


-  about  Strategic  Directions  in  general, 
this  edition  in  particular,  and  ideas 
you’d  like  us  to  tackle  in  future  edi¬ 
tions.  Got  any  outsourcing  best-prac¬ 
tices  you’d  like  to  share  with  other 
IT /business  leaders.^  Send  them  to  me; 
I’ll  pass  them  along  in  our  next  issue. 

Thanks  for  reading  Strategic 
Directions.  And  thanks  in  advance  for 
writing  in  with  your  feedback. 

Tom  Field 

Director  of  Content  Development 
CXO  Media  Custom  Publishing 
tfield@cxo.com 


READER  RESPONSE 

NEW  SECURITY  AWARENESS 
GROUP  SEEKS  MEMBERS 

Dear  Editor: 

I  just  finished  reading  your 
Strategic  Directions  section  in  CSO 
magazine.  Over  the  past  few 
months  I  have  come  to  the  conclu¬ 
sion  that  the  threat  of  social  engi¬ 
neering  has  increased  due  to 
increased  focus  on  systems  securi¬ 
ty  (i.e.  OS  hardening,  IDS,  etc.).  In 
other  words,  it  may  be  easier  to 
gather  information  with  a  few  calls 
and  complain  to  the  help  desk  that 
you  can’t  get  in  through  the  VPN. 
The  best  way  to  defend  against  this 
threat  is  a  solid  security  aware¬ 
ness  program. 

A  week  ago,  I  created  a  Yahoo  group 
to  discuss  security  awareness  pro¬ 
gram  methodologies  and  share 
information  security  tips  (geared 
towards  the  user  community).  I  have 


attached  a  few  of  my  posts  and 
included  the  specifics  below.  There 
are  over  250  members.  Thank  you. 
Gideon  Rasmussen,  CiSSP 
Celebration,  FL 
gideon@infostruct.net 

SECURITY  AWARENESS  GROUP 
The  security  awareness  group  pro¬ 
vides  a  forum  to  discuss  awareness 
methodologies  and  share  Informa¬ 
tion  security  tips.  The  group  can 
also  be  used  by  anyone  interested  in 
learning  more  about  information 
security. 

Information  security  tips  should 
be  written  with  the  average  person 
as  the  intended  audience.  In  gener¬ 
al,  tips  should  advise  of  best  prac¬ 
tices  and  reinforce  policy. 

To  Join  the  group,  visit 

http://groups.yahoo.com/group/ 

security-awareness. 


STRATEGIC  DIRECTIONS  3 


CIO  ADVERTISING  SUPPLEMENT 


OPPDRTDIlITT  KNOCKS  I  GET  A  GRIP 


HOW  TO  MAKE  SENSE  OF  YOUR  OUTSOURCING  OPPORTUNITIES 


aster  time  to  market,  a 
more  linear  and  predictable 
cost  model  than  insourcing, 
and  access  to  a  better- 
trained  resource  when  dis¬ 
creet  skill  sets  are  required.” 

Sound  like  a  dream? 
Actually,  those  are  three 
competitive  advantages  that 
Keith  Morrow,  vice  presi¬ 
dent  of  information  systems  at  conven¬ 
ience  retailer  7-Eleven,  says  outsourc¬ 
ing  can  deliver. 

And  then.  Morrow  adds,  there’s 
“the  fact  that  security,  privacy,  redun¬ 
dancy,  continuity  and  controls  are  so 
important  these  days.  The  boardroom 


focus  is  on  these  areas,  and,  frankly, 
most  large  IT  companies  are  more 
capable  of  staying  abreast  of  this  turbu¬ 
lence  than  internal  IT  staffs  are.” 

Don  Bullock,  CIO  at  services  giant 
Eaton  Corp.,  points  to  the  ability  to 
focus  internal  resources  on  areas  of  crit¬ 
ical  importance  to  your  company — as 
well  as  substantial  reductions  in  costs. 
“The  opportunity  exists  to  capitalize 
upon  20%  to  30%  savings,”  he  says. 

With  all  those  benefits,  it’s  no  won¬ 
der  some  consultants  estimate  that  For¬ 
tune  500  companies  spend  as  much  as 
60%  of  their  IT  budgets  on  external 
suppliers.  Gartner  analysts  believe  com¬ 


panies  spend  better  than  $100  billion  a 
year  on  IT  outsourcing. 

But  before  leaping  to  outsourcing 
in  an  attempt  to  solve  a  potentially 
sticky  business  problem,  keep  in  mind 
that  outsourcing  is  about  relationships: 
“Structuring  both  the  relationship  and 
the  type  of  work  included  in  the  out¬ 
sourcing  arrangement  is  critical 
to... financial  success,”  Bullock  notes. 

MATCHING  NEEDS  AND  SOLUTIONS 

In  an  outsourcing  landscape  so  rich  in 
capability  and  variety,  what  you  out¬ 
source — and  why — will  determine  the 
kind  of  vendor  you’ll  need.  To  make 
outsourcing  work,  CIOs  must  juggle 


the  many  needs  of  the  business  as  well 
as  the  outsourcing  opportunities  that 
abound.  These  days,  outsourcing  is  eas¬ 
ing  many  pain  points: 

■  COSTLY,  INEFFICIENT,  NONCORE  NECES¬ 
SITIES.  Every  business  has  to  do 
accounts  payable,  for  example,  but  few 
consider  it  a  core  competency.  Out¬ 
sourcing  it  along  with  other  noncore 
functions  can  make  bottom-line  sense. 

“IT  groups  that  don’t  have  to 
‘keep  all  the  lights  on’  can  learn  to  focus 
better  on  aligning  themselves  with  the 
business,”  notes  Morrow.  “Our 
approach  is  to  outsource  what  partners 
can  do  better,  and  we  focus  on  the  core 


areas  of  our  business  that  are  closest  to 
our  customers.  IT  people  perform  best 
when  they  are  required  to  constantly 
improve  and  innovate,  vs.  watching  the 
lights  blink.” 

At  one  global  pharmaceutical  and 
consumer  goods  company,  laptop 
repairs  used  to  take  three  days  per 
mobile  user,  at  the  cost  of  $2,000  per 
day,  per  user.  With  more  than  6,000 
representatives  nationwide,  an  outage 
affecting  the  entire  sales  force  at  any 
point  in  the  year  could  cost  the  com¬ 
pany  a  staggering  $36  million  in  lost 
revenue.  By  committing  to  a  24-hour 
turnaround  for  repairs,  Florida-based 
outsourcer  Spherion  is  saving  the 
client  a  minimum  of  $4,000  per 
mobile  user  and  safeguarding  the 
client’s  bottom  line  against  a  potential 
$24  million  loss. 

■  IMPROVING  IT  INFRASTRUCTURE.  Out¬ 
sourcing  IT  management  as  well  as 
process  management  can  help  cut  costs 
and  rationalize  increasingly  multifaceted 
IT  infrastructures.  This  often  involves: 

■  Boosting  the  quality  of  service.  “Not  all 
IT  shops  have  been  able  to  invest  in 
the  appropriate  required  services,” 
says  Richard  Matlus,  a  research  direc¬ 
tor  with  Gartner  IT  Services  and 
Sourcing.  “This  can  lead  to  a  loss  of 
good-quality  services.  Outsourcing 
can  be  used  to  bring  the  level  of  serv¬ 
ice  to  a  higher  quality  in  instances 
where  IT  shops  have  slipped.” 

■  Inte£iratin£i  and  consolidating  the  IT 
enterprise.  Today’s  networks  and 
applications  are  more  complex  than 


■AND 


WHY— WILL  DETERMINE  THE _ 

KIND  OF  VENDOR  YOU’LL  NEED. 


4  SIIITEBIC  DIIECTIIIS 


CIO  ADVERTISING  SUPPLEMENT 


ever — especially  as  operational  and 
decision-support  systems  must  be 
integrated  internally  and  externally 
while  remaining  secure,  reliable  and 
responsive.  Successful  integration, 
standardization  and/or  consolida¬ 
tion  can  be  expensive  and  time  con¬ 
suming,  and  may  involve  technical 
skills  your  staff  doesn’t  have. 

Since  EDS  and  Sun  Microsys¬ 
tems  undertook  managed-risk  serv¬ 
er  consolidation  at  Blue  Shield  of 
California,  they  have  reduced  the 
number  of  servers  from  10  to  three. 
Yet  the  results  of  consolidation  have 
been  impressive;  Blue  Shield  has 
seen  a  two-  to  threefold  increase  in 
system  performance,  while  system 
management  and  support  require¬ 
ments  have  been  reduced,  system 
administration  and  maintenance 
costs  have  been  cut  by  more  than 
50%,  and  software  support  costs 
have  gone  down. 

■  Coping  with  legacy  systems.  Older, 
proprietary  technologies  can’t  deliv¬ 
er  the  connectivity,  reliability  or 
responsiveness  your  company  needs 
to  compete  today.  And,  too  often, 
simple  upgrades  can’t  be  properly 
integrated. 

IBM  and  JD  Edwards  teamed 
to  upgrade  storage  networking  solu¬ 
tions  provider  CNT’s  legacy  systems. 
The  result:  $3  million  in  savings  with 
ROI  in  less  than  a  year. 

By  abandoning  its  archaic  main¬ 
frame  for  outsourcing,  the  Port 
Authority  of  Allegheny  County  dou¬ 
bled  its  processing  time  and  boosted 
computer  availability  from  70%  to 
99.9%. 

■  Overhauling  the  architecture.  Even¬ 
tually,  the  demands  of  operational 
efficiency  can  force  major  infrastruc¬ 
ture  change,  but  your  IT  staff  may 
not  have  the  required  experience 
and  expertise  to  tinker  with  com- 


OPPORTUNITT  KNOCKS  I  GET  A  GRIP 


mercially  available  software  packages. 
Or,  staffers  may  not  have  the  techni¬ 
cal,  project-planning  or  management 
skills  needed  to  succeed  in  an  entire¬ 
ly  customized  development  effort. 

Working  with  Tata  Consultancy 
Services  (TCS),  the  New  Mexico 
Department  of  Labor  was  able  to 
reduce  the  time  it  typically  takes 
states  to  deliver  a  new  unemploy¬ 
ment  insurance  claims  system  from 
three  to  four  years  to  just  15  months. 

■  EXPLOITING  INTERNET  OPPORTUNITIES. 
Staying  competitive  means  launching 
collaboration  and  e-business  initiatives 
that  can  cut  costs  and  pry  the  lid  off 
new  opportunities — and  then  integrat¬ 
ing  them  into  the  enterprise.  Even  with 
tight  IT  resources,  outsourcing  these 
efforts — which  often  involves  trans¬ 
forming  business  processes  as  well  as 
developing  and  implementing  new 
software — can  help  keep  the  competi¬ 
tive  momentum  going. 

■  GETTING  HELP  WITH  MANAGEMENT 
AND  MAINTENANCE.  With  customers 
demanding  24/7  access  to  just  about 
everything,  keeping  networks  and 
applications  optimally  available  is  get¬ 
ting  tougher  all  the  time.  Yet  security 
concerns  remain  paramount.  Often  the 
best  option  is  to  offload  network  and 
application  monitoring  and  mainte¬ 
nance  to  outside  experts. 

Faced  with  slipping  service  deliv¬ 
ery  and  rapidly  rising  complaints, 
Telefonica  de  Argentina  consolidated 
IT  operations  and  outsourced  systems 
maintenance  and  application  develop¬ 
ment  to  Accenture.  The  result:  $35 
million  in  savings  on  application 
maintenance,  a  20%  savings  on  appli¬ 
cation  management  and  a  productivi¬ 
ty  jump  of  20%. 

REWARDS  AND  RISKS 

There  are  many  kinds  of  outsourcing, 
each  with  its  own  risks  and  rewards.  7- 


Eleven’s  Keith  Morrow  shares  some  of 
the  more  common  types. 

Commodity  outsourcing  includes 
services  that  are  sufficiently  common 
and  reliable,  such  as  call  center  opera¬ 
tions,  and  that  may  be  more  cost-effec¬ 
tive  to  outsource  than  to  do  in-house. 
These  days,  even  some  mission-critical 
services  are  becoming  commoditized, 
as  customization  yields  to  standardized 
offerings  designed  for  shared  (read: 
Internet- based)  environments. 
Reward:  Economies  of  scale  and  effi¬ 
ciency 

Risk:  May  be  more  to  manage  than  it’s 
worth 

Tactical  outsourcing  may  be 
attractive  when  a  company  lacks  the 
resources  and/or  expertise  to  under¬ 
take  specialized  activities,  such  as  Web 
site  hosting  or  operating  wireless  local 
area  networks  (LANs). 

Reward:  Might  be  quicker  than  doing 
it  yourself 

Risk:  A  short-term  fix  that  may  bloat 
long-term  expense  levels 

Strategic,  or  transformational, 
outsourcing  helps  a  company  trans¬ 
form  its  business  by  using  a  provider’s 
comprehensive  package  of  services, 
typically  involving  consulting,  busi¬ 
ness  process  outsourcing  and  change 
management.  For  instance,  Accen¬ 
ture’s  deal  with  the  U.K.  grocery 
chain  Janesbury  has  Accenture  not 
only  assuming  IT  functions,  but  also 
helping  improve  supply  chain  and  in¬ 
store  operations. 

Reward:  Allows  simpler  management 
of  fewer  outsourcing  partners,  better 
discounts  on  a  larger  volume  of 
spending 

Risk:  Complexity:  “It  takes  the  right 
skill  sets  internally  to  strike  the  deal 
and  manage  it,”  says  Morrow,  who 
cautions  that,  “Your  outsource  part¬ 
ner  will  not  be  best-of- breed  in  every 
area  of  delivery.” 


STRATEGIC  DIRECTIONS  5 


CIO  ADVERTISING  SUPPLEMENT 


OPPORTUNITY  KNOCKS  I  6ET  A  GRIP 


KNOW  WHAT  YOU  NEEO- 
AND  WHAT  YOU’LL  GET 

Outsourcers  come  in  a  variety  of 
shapes  and  sizes.  Systems  integrators, 
for  example,  provide  a  range  of  pro¬ 
fessional  services,  including  systems 
integration,  software  development  and 
customization,  and  process  engineer¬ 
ing.  Specialty  service  providers,  or 
xSPs,  on  the  other  hand,  offer  a  vari¬ 
ety  of  on-demand  services  and  may 
manage  multiple  projects. 

These  days,  companies  employ 
systems  integration  service  providers 
to  optimize  prior  investments  more 
often  than  implementing  and  integrat¬ 
ing  new  software.  IDC  estimates  that 
worldwide  spending  on  systems  inte¬ 
gration  services  will  top  $100  billion 
by  2006.  Meanwhile,  constraints  on 


corporate  spending  have  forced  serv¬ 
ices  providers  to  demonstrate  quan¬ 
tifiable  value  for  each  customer,  and 
triggered  price  pressures  on  U.S.  IT 
services  providers,  which  have 
increased  their  use  of  offshore 
resources,  chiefly  in  India. 

“Providers  of  professional  servic¬ 
es  are  specialized,  limited  in  their  serv¬ 
ice  offerings,  and  are  niche  players 
either  in  the  areas  of  systems  integra¬ 
tion,  application  maintenance,  cus¬ 
tomer  development  or  packaged  soft¬ 
ware  customization,”  explains  Pavan 
Kumar,  senior  vice  president  of 
Satyam  Computer  Services  Ltd.,  one 
of  India’s  premier  outsourcing  ven¬ 
dors.  “A  customer  will  typically  have 
to  engage  multiple  vendors  based  on 
its  requirements.” 


In  the  wake  of  the  dot-com  deba¬ 
cle,  however,  on-demand  and  IT  util¬ 
ity  service  offerings  are  being  devel¬ 
oped  by  outsourcers  to  meet  the  need 
for  xSP  services,  and  to  make  the 
technologies  and  pricing  schemes 
developed  by  xSPs  available  to  their 
regular  customer  base. 

“EDS,  HP  and  IBM  have  won  a 
number  of  very  large  outsourcing  con¬ 
tracts  recently  that  require  them  to 
deliver  on-demand,  IT  utility  services 
after  consolidation  and  standardization 
of  the  client’s  existing  infrastructure,” 
says  Gartner’s  Matlus. 

For  example,  Three  Rivers  Phar¬ 
maceuticals  reports  saving  a  whopping 
50%  of  its  IT  budget  by  using  Oracle 
E-Business  Suite  Outsourcing,  includ¬ 
ing  $400,000  per  year  in  staffing  costs 


CASE  ST80T 


For  a  global  airline  like  British  Airways  the  primary 
processes  that  make  the  company  work— from  sales  to 
customer  service  to  finance  and  accounting  to  adminis¬ 
tration— are  much  more  complex  than  they  appear  on 
the  surface.  Headquartered  in  London,  UK,  British 
Airways  (BA)  employs  over  50,000  people  and  covers 
552  destinations  in  135  countries. 

Not  surprisingly,  keeping  this  global  organiza¬ 
tion  running  smoothly  takes  a  lot  more  than  fly¬ 
ing  the  planes.  It  takes  processing  all  the 
transactions  that  keep  the  planes  in  the  air  and 
the  passengers  happy.  And  it  requires  lots  of 
connections.  Flight  connections,  billing  con¬ 
nections,  even  customer  service  connections.  When  BA  misses  a  connec¬ 
tion  it  means  more  than  a  missed  flight.  It  means  missed  revenue,  and 
missed  opportunities. 

Fortunately  for  the  airline,  WNS  offers  24/7  customer  service  and  back 
office  management  services  so  clients  like  BA  can  focus  on  their  core 
business. 

DELIVERING  EXCEPTIONAL  BOTTOM-LINE  IMPACT 

WNS  is  a  leading  global  Business  Process  Outsourcing  (BPO)  company  with 
proven  expertise  in  delivering  exceptional  bottom-line  impact  to  its  clients. 
WNS’  talent  pool  of  well-trained  and  highly  qualified  professionals  are  locat- 


I  L'il' 

ed  at  its  offices  in  New  York  (US),  London  and  Ipswich  (UK),  and  offshore 
delivery  centers  in  Mumbai  and  Pune  in  India.  Backed  by  its  world-class 
infrastructure  and  best-of  breed-technology,  the  ISO-9001  compliant  WNS 
is  a  highly  regarded  global  BPO  company. 

For  BA,  the  benefits  of  its  partnership  with  WNS  have  been  impressive 
including  a  40-50%  cost  savings  (this  lower  cost  base  also  makes  possible 

otherwise  hard  to  achieve  levels  of  financial 
control).  What’s  more,  various  revenue  recov¬ 
ery  and  audit  activities  carried  out  by  WNS  on 
behalf  of  BA  have  led  to  more  than  $20  million 
of  additional  revenue  recovery  in  2002. 

And  customer  retention  rates  are  up  60%, 
while  business  velocity  increased  by  running  a 
24/7/365  operation.  Overall,  its  partnership  with  WNS  has  meant  a  bottom 
line  impact  of  over  $100  million  to  BA. 

Fortune  1000  clients  like  British  Airways,  Federal  Express  and  Royal  & 
SunAlliance  rely  on  WNS  to  answer  their  phones,  process  their  transac¬ 
tions,  track  their  revenue,  pay  their  suppliers  and  handle  a  wide  range  of 
critical  processes. 


To  learn  more  about  what  WNS  Global  Services  can  do  for  your 
business,  log  on  to  our  website  at  www.wnsgs.com  or  email  us  at 
info@wnsgs.com. 


WNS 

Extending  Your  Enterprise 


6  STRATEGIC  DIRECTIONS 


uHgiTOtfii  I  li 


Business  processes  impact  more  than  just  the  bottom  line.  An  incorrect  bill 
could  result  in  customer  attrition,  a  misplaced  claim  may  mean  a  child 
without  benefits,  a  delayed  flight  could  mean  a  missed  opportunity.  At  WNS, 
we  have  a  proud  heritage  of  ensuring  excellence  in  service  delivery  for  clients 
who  trust  us  to  manage  their  most  prized  relationships.  Visit  us  to  learn  more. 


global  outsourcing  |  transaction  processing  j  customer  care 

GLOBAL.  TRUSTED.  PROVEN. 


WNS 

Extending  Your  Enterprise 


U.S,  212,599.6960  U-K.  (0)1784.224216  India  +91.22.55976.400 


www.wnsgs.com 


CIO  ADVERTISING  SUPPLEMENT 


OPPORTUMITT  KNOCKS  I  GET  A  GRIP 


and  an  additional  $350,000  on  hard¬ 
ware,  software  and  maintenance 
expenses. 

As  businesses  outsource  tactical 
management  and  maintenance  activities 
so  they  can  focus  on  strategic  efforts, 
xSPs  are  responding  with  supply  chains 
that  offer  access  to  all  manner  of  appli¬ 
cation,  networking,  management, 
process  and  infrastructure  capabilities. 

“These  are  end-to-end  service 
pro\iders,  with  competencies  across  the 
vertical  and  technology  skill  sets,”  notes 
Kumar.  “xSPs  are  generalists,  one-stop 
shops  with  capabilities  to  manage  mul¬ 
tiple  projects  and  the  ability  to  share 
their  customers’  risks.” 

IDC  calculates  that  worldwide 
spending  on  xSPs  will  approach  $20  bil¬ 
lion  by  2006,  w'hile  spending  on  appli¬ 
cation  management  ser\ices  will  exceed 
$21  billion  by  then. 


BANG  FOR  THE  BUCK 

Many  CIOs  report  that  75%  to  85%  of 
their  IT  budgets  are  spent  on  manag¬ 
ing  the  availability,  performance, 
security,  change  and  problems  associ¬ 
ated  with  applications,  according  to 
Tim  Chou,  president  of  Oracle  Out¬ 
sourcing,  “This  leaves  very  few 
resources  to  develop  or  implement 
new  systems  to  help  them  run  their 
business  more  efficiently  and  be  more 
competitive,”  he  explains.  “The 
amount  of  effort  an  organization  can 
apply — proactively  vs.  reactively — to 
these  five  key  areas  is  directly  tied  to 
the  level  of  service  end  users  receive.” 

“Clients  should  not  look  to  out¬ 
sourcing  for  cost  savings,  but  outsourc¬ 
ing  can  help  control  costs  over  time,” 
says  Matlus.  “However,  if  a  client  is 
inefficient  and  their  costs  are  higher 
than  average,  the  service  providers 


should  be  able  to  reduce  these  costs  to 
industry  averages.” 

Some  of  the  documented  results 
that  outsourcers  have  achieved  are 
impressive: 

■  When  it  was  time  for  Verizon  Fed¬ 
eral  to  re -bid  its  contract  to  provide 
telecommunications  services  to  the 
federal  government,  it  knew  it 
would  need  help  to  compete.  The 
company  turned  to  Virginia-based 
project  management  consultancy 
Robbins-Gioia,  which  discovered 
several  areas  for  improvement  in 
Verizon’s  proposal,  as  well  as  in  the 
overall  management  concept  of 
operations.  With  Robbins-Gioia’s 
onsite  support,  Verizon  was  award¬ 
ed  a  new,  eight-year  contract  to 
manage  the  government’s  telecom¬ 
munications  services  program,  val¬ 
ued  at  well  over  $I  billion. 


CONPiRT  PROFILE 


RIGHTSOURCING^:  WHAT  BUSINESS  DEMANDS 


US  based  heavy  equipment  manufacturer  achieved  a 
50%  reduction  in  direct  costs  for  its  application  and 
migration  tasks,  A  mqjor  insurance  group  in  the  US 
slashed  30%  of  its  costs  when  it  reengineered  its  lega¬ 
cy  systems. 

Whafs  the  common  factor  in  these 
two  success  stories?  Satyam  Computer  Services  Ltd, 

(NYSE:SAY),  Satyam  is  the  IT  solutions  provider  for 
both  organizations.  What’s  more,  the  success  story 
has  been  repeated  for  270  global  clients— 76  from  the 
hallowed  Fortune  500, 

No  wonder  that  Satyam’s  clientele  includes  some 
of  the  best  names  in  the  key  industry  verticals  it 
serves  including,  4  of  the  top  5  Networking  and 
Communication  Equipment  Manufacturers,  2  of  the 
top  5  Health  Insurance  Companies  in  the  US,  4  of  the  top  10  Global 
Pharmaceutical  Companies,  7  of  the  top  10  Auto  Mayors,  2  of  the  top  4 
Securities  Companies,  5  of  the  top  10  Electronics  &  Electrical  Equipment 
Manufacturers. 

A  global  provider  of  the  complete  suite  of  IT  solutions,  Satyam  employs 
over  9,500  highly  skilled  professionals  working  onsite,  offshore  or  offsite  to 


offer  customized  IT  solutions  for  companies  in  several  industry  sectors. 

This  unique  Rightsourcing,  delivery  methodology  is  how  Satyam  helped 
the  Fortune  500  manufacturer  of  heavy  equipment  rapidly  deploy  the  latest 
version  of  an  e-business  application  for  its  end  users.  And  the  Mid-western 
insurance  group  relied  on  it  to  connect  with  its  cus¬ 
tomers,  agents  and  data  on  the  Web  while  leveraging 
the  power  of  its  existing  legacy  system. 

A  TRUSTED  AND  VIBRANT  BUSINESS 
PARTNER 

Satyam  is  more  than  a  cost  effective  IT  solutions  and 
services  provider  to  the  world’s  finest  companies.  In 
fact,  Satyam’s  ideas  and  products  have  resulted  in 
technology-intensive  transformations  that  have  met  the 
most  stringent  of  international  quality  standards. 
Committed  to  a  customer-centric  approach,  Satyam  works  closely  with 
its  clients  to  deliver  What  Business  Demands. 

For  more  information  about  how  Satyam  can  deliver  solutions  for 
your  business  challenges,  visit  www.satyam.com  or  email: 
us@satyam.com 


8  STBUEfiie  BIIECTIIIS 


Flexibility... 


...With  Full  Support 


What  does  it  mean  to  function  as  our  customers'  IT  arm?  It  means  delivering  flexible 
IT  solutions.  It  means  understanding  our  customers'  business  needs  and  providing 
diligent,  discerning  support. 

At  Satyam,  we  take  on  the  responsibility  of  understanding  our  customers'  business  and 
their  industry.  That's  how  we  engineer  and  implement  unique,  insightful  solutions  that 
enable  our  customers  to  outmaneuver  the  competition.  Our  9,300  Associates  around 
the  world  are  busy  making  that  happen,  24  x  7. 

•  Presence  in  45  Countries  •  Over  9,300  Associates  •  A  SEI-CMM  Level  5  Organization 
•  Clientele  of  Over  270  Global  Corporations  •  Development  Centers  Worldwide 


Satyam 


What  Business  Demands 


One  Catehall  Drive  #  301  Parsippany,  NJ  07054  1-800-450-7605  www.satyam.com  US@satyam.com 


CIO  ADVERTISING  SUPPLEMENT 


OPPORTDNITT  KNOCKS  |  GET  A  GRIP 


■  MedUnite,  a  consortium  of  leading 
health  insurance  firms  mandated  to 
provide  Web-based  connectivity 
tools  for  handling  healthcare  trans¬ 
actions,  recognized  the  need  to  bet¬ 
ter  manage  its  clients.  Outsourcing 
its  CRM  demands  to  Salesforce.com 
has  saved  MedUnite  25%  to  35%  in 
administrative  time. 

■  After  handing  off  day-to-day  respon¬ 
sibility  for  managing  its  customer 
contact  center  (19,000  calls  per  day) 
to  Spherion,  an  international  manu¬ 
facturer  of  electronic  components 
saw  an  almost  immediate  impact  on 
performance:  Calls  were  answered 
faster,  hold  times  were  dramatically 
reduced,  and  customers  received  bet¬ 


ter  answers  to  their  questions. 
What’s  more,  product  return  rates 
were  noticeably  lower  and  customer 
satisfaction  levels  were  higher.  Specif¬ 
ically,  service  levels  improved  by 
28.6%,  average  handling  time 
dropped  by  9.9%,  average  speed  of 
answered  calls  was  up  43%,  and  attri¬ 
tion  rates  fell  by  27.8%. 

■  Needing  to  ramp  up  quickly  for  the 
approaching  holiday  season,  a  lead¬ 
ing  mass  merchant/retailer  with 
4,000  stores  nationwide,  plus  Inter¬ 
net  and  catalog  sales  operations, 
turned  to  Convergys  to  help  with 
customer  service.  In  fewer  than  75 
days,  1,000  new  agents  were  ready 
to  meet  shopper  demand. 


■  Canada’s  CGI,  an  insurance  business 
processing  outsourcer,  typically  saves 
customers  10%  to  33%  by  handling 
such  processes  as  underwriting, 
billing  and  claims  data. 

“Keep  in  mind  that  it’s  not  just 
technology  that  you’re  outsourcing,” 
says  Jim  Leto,  CEO  of  Robbins-Gioia. 
“Yes,  you’re  choosing  a  technology — 
and  the  ability  of  the  technology  to  per¬ 
form  is  certainly  a  basic  requirement  of 
the  arrangement.  But  you’re  also  out¬ 
sourcing  part  of  your  business,  and  if 
you  don’t  have  the  capacity  to  manage 
that  technology  on  an  ongoing  basis, 
you’d  better  find  a  way  to  acquire  that 
capacity,  or  you’ll  never  see  the  benefits 
of  your  new  technology.”  SD 


CONPANT  PROFILE 


onvergys  is  the  global  leader  in  integrated  billing,  cus¬ 
tomer  care,  employee  care  and  transaction  manage¬ 
ment  software  and  services.  Through  outsourcing  or 
licensing,  it  serves  top  companies  in  telecommunica¬ 
tions,  Internet,  cable  and  broadband  services,  technol¬ 
ogy,  financial  services  and  other  industries  in  more  than 
40  countries.  Convergys  brings  together  world- 
class  resources,  software  and  expertise  to  help 
create  valuable  customer  and  employee  rela¬ 
tionships  for  its  clients.  The  company  employs 
more  than  44,000  people  in  45  customer  con-  •  •  •  • 

tact  centers  and  In  its  data  centers  and  other 
offices  in  the  United  States,  Canada,  Latin  America,  Europe,  the  Middle 
East  and  Asia. 

Convergys  is  the  world’s  largest  provider  of  outsourced  customer 
management  services,  including  customer  service  and  customer 
acquisition,  technical  support,  sales  support  and  marketing  research. 
It  provides  a  wide  range  of  integrated  high-tech,  human-touch  tele¬ 
phone  and  Web-based  customer  management  products  and  services, 
it  can  serve  its  clients  any  time,  any  way  customers  choose:  live 
agent,  e-mail,  on  the  Web  and  through  interactive  voice  response. 
Leading  companies  in  the  communication,  technology  and  financial 
services  industries  use  Convergys’  expertise  and  systems  to  develop 
better  customer  relationships,  improve  the  bottom  line  and  build  com¬ 
petitive  advantage. 


Convergys 


READY  TO  DELIVER  WHAFS  NEEDED 

A  growing  number  of  organizations  are  recognizing  they  can  cost-eflfectively 
improve  service  to  employees  by  outsourcing  human  resources  ftinctions. 
Convergys’  employee  care  services  include  p^rol!  administration  and  pro¬ 
cessing,  health  and  welfare  administration,  benefit  plan  administration,  and 
job  posting  and  applicant  support.  Through  Convergys,  clients  offer  multiple 
touch  points  for  their  employees,  including  tele- 
■  phone-based  employee  care  specialists,  intranet,  e- 

mail,  kiosks  and  interactive  voice  response. 

Convergys  builds  and  operates  billing  and  trans¬ 
action  management  software  and  systems  for 
communications  providers.  The  world’s  leading 
wireless,  wireline,  cable  and  broadband,  satellite  and  next-generation  com¬ 
panies  can  build  a  sustainable  competitive  advantage  by  relying  on 
Convergys’  experience  and  technology  to  deploy,  manage  and  bill  their 
services.  These  include  service  activation  and  provisioning,  mediation,  rat¬ 
ing  and  billing,  and  customer  care.  Convergys’  billing  product  portfolio  con¬ 
sists  of  end-to-end  solutions,  pre-integrated  application  suites  and  individ¬ 
ual  application  modules  to  meet  all  client  needs.  It  delivers  industry-leading 
software  products,  consulting  services  and  data  processing  services  as 
licensed,  outsourced  or  build-operate-transfer  solutions. 

Whatever,  wherever  and  however  its  clients  need  its  products  and  serv¬ 
ices,  Convergys  is  ready  to  deliver. 

For  more  information,  contact  www.convergys.com 


10  STItTESiC  DIIEETIIRS 


Next-generation  billing,  customer  care,  and  employee  care  may  not  be  your 
core  competencies,  but  they're  ours.  We've  expertly  handled  these  functions  for 
20  years,  making  us  a  leader  in  business  process  outsourcing  and  a  strategic 
partner  to  our  clients.  We  work  with  you  to  create  innovative  solutions  to 
help  you  grow  revenue,  increase  customer  and  employee  satisfaction,  control  and 
lower  operating  costs,  and  manage  your  business  with  less  infrastructure.  At 
Convergys,  we  share  the  risks  with  you  and  we  share  the  rewards.  That's 
what  a  real  partner  is,  and  that's  what  we  are  to  hundreds  of  the  world's 
top  companies.  Isn't  it  about  time  we  teamed  up  with  you? 


To  learn  more,  visit  www.convergys.com  or  call  1-800-344-3000. 


Convergys 


Convergys,  the  Convergys  logo,  and  "The  only  thing  that  should  come  between  you  and  your  customers"  are  trademarks  of  Convergys. 
Convergys  refers  to  Convergys  Corporation  and  all  of  its  wholly  owned  subsidiaries. G  2003  Convergys  Corporation.  All  rights  reserved. 


The  only  thing  that  should  come 
between  you  and  your  customers. 


CIO  ADVERTISING  SUPPLEMENT 


OPPORTDNITT  KROCKS  I  ODTSORRCIHG  STRATEGIES 


OUTSOURCING  STRATEGIES: 

WHAT,  WHEN  AND  WHERE? 


TOO  many  CIOs,  it  seems, 
are  stuck  with  bad  out¬ 
sourcing  deals.  Maybe 
that’s  got  something  to 
do  with  a  recent  observa¬ 
tion  by  Gartner  analysts: 
that  less  than  one  per¬ 
cent  of  CIOs  have  honed 
a  strategy  to  deal  with 
external  service  providers. 

“Outsourcing  fails  when  the  user 
firm  tries  to  dictate  process  manage¬ 
ment  to  the  outsourcer,”  says  Tom 
Antunes,  vice  president  of  industry 
solutions  at  Convergys  Corp.  “The  rea¬ 
son  you  buy  outsourcing  is  to  reduce 
risk  and  increase  the  probability  of  suc¬ 
cess  of  your  venture,”  he  says.  “You 
need  to  accept  that  an  outsourcer  will 
use  their  own  people,  process  and  tech¬ 
nologies  to  attain  your  business  goals.” 

A  company  that  is  considering  out¬ 
sourcing  needs  to  craft  specific  busi¬ 
ness-impacting  goals,  Artunes  says.  The 
focus  should  not  be  how  the  outsourcer 
achieves  this,  but  rather  that  the  out¬ 
sourcer  attains  service-level  agreements 
that  actually  drive  the  company’s  busi¬ 
ness  performance.  “You  need  to  tell  the 
outsourcer  what  to  do,  then  step  away 
and  let  them  do  it,”  he  says. 

DECIDING  WHAT  AND  WHEN  TO 
OUTSOURCE 

“We  find  that  the  companies  that  are 
most  satisfied  with  their  outsourcing 
decisions  are  those  that  were  very  clear 
on  their  objectives  for  the  particular 
function,”  says  Wayne  Mincey,  presi¬ 
dent  of  Spherion  Technology  Services. 


These  objectives  can  typically  be 
grouped  into  three  fundamental  areas: 

■  Focusing  on  core  competencies  by 
outsourcing  a  noncore  activity  to  a 
competent  provider  of  the  function; 

■  Reducing  costs  by  outsourcing  to  a 
provider  with  cost  and/or  produc¬ 
tivity  advantages;  and 

■  Strengthening  a  function  by  out¬ 
sourcing  to  a  provider  with  superior 
skills  and  capability  in  a  particular 
function. 

The  key  to  determining  the  total 
cost  of  outsourcing,  Mincey  believes,  is 
to  examine  both  the  costs  associated 


with  items  considered  out-of-scope  for 
the  outsourcer  as  well  as  internal  coor¬ 
dination  and  management  costs. 

“While  many  times  a  client  out¬ 
sources  to  have  an  external  party  help 
manage  costs  within  scope,  this  is  rarely 
adhered  to  over  the  long  term,”  he 
says.  As  initiatives  emerge  that  are  out 
of  the  original  scope,  the  costs  associ¬ 
ated  with  this  work  can  come  at  a  pre¬ 
mium.  To  avoid  this  issue,  clients 
should  benchmark  with  firms  similar  in 
size  and  culture  that  have  gone 
through  the  process  and  can  help  size 
the  likely  out-of-scope  work  levels. 


AVOID  THE  PITFALLS  OF  PIECEMEAL  OUTSOURCING 

Identify  the  functions  and  components  of  your  iT  organization.  And  don’t  forget  busi¬ 
ness  processes,  iike  payroii,  or  aggregations  of  processes,  such  as  human  resources. 
For  each  IT-supported  function  and  component,  settie  on  the  best  channel  to 
deliver  that  support.  Will  it  be  in-house  resources,  hired  expertise,  facilities  man¬ 
agement  (when  resource  ownership  is  shifted  but  the  location  remains  the  same), 
or  outsourcing? 

Map  out  the  balance  you  want  between  service  levels  and  cost.  Decide,  for  instance, 
if  you’ll  outsource  a  business-critical  function  if  you  can  cut  costs. 

Assess  longer-term  impact.  How  will  you  ensure  security  and  privacy,  sustain  in- 
house  technical  skills  and  manage  external  providers? 

Have  a  contingency  plan  and  an  exit  strategy.  What  happens  if  your  service 
provider  is  acquired  or  goes  bankrupt?  If  there’s  a  major  disruption  to  service? 
Decide  the  optimal  length  of  a  contract  and  develop  a  plan  for  minimizing  the  cost 
of  switching  providers. 

Pick  your  providers  with  an  eye  to  all  your  IT  functions  and  components.  Are  there 
technical  inconsistencies,  gaps  or  overlaps?  Do  you  need  to  make  changes  to 
processes  that  will  affect  outsourcing  arrangements? 

Begin  negotiating  with  potential  providers.  It’s  a  buyer’s  market,  so  you  can 
wrangle  about  more  than  price.  Consider  increases  in  service  and  support  levels, 
provider  modifications  to  architectures  to  support  your  business,  and  expanded 
capabilities  and  features. 


12  STRATEGIC  DIRECTIONS 


CIO  ADVERTISING  SUPPLEMENT 


OPPORTUNITY  KNOCKS!  OUTSOURCING  STRATEGIES 


The  company  must  also  consider 
its  own  management  time  against  the 
initiative,  Mincey  says.  Resources  to 
manage  the  supplier,  management  of 
the  prioritization  process,  and  pure 
service -level  monitoring  and  followup 
can  often  exceed  original  expectations. 
“These  are  critical  functions  that  cannot 
be  shortchanged  without  jeopardizing 
overall  results  of  the  initiative,”  he  says. 
Some  considerations: 

■  When  you  outsource,  you  must 
constantly  manage  your  service 
providers.  The  skilled  staff  needed 
to  do  this  is  part  of  the  cost. 

“Management  of  service  pro¬ 
viders,  and  the  relationships  between 
the  organization  and  service  providers, 
is  one  of  the  most  critical  elements  of 


successful  outsourcing  endeavors,” 
says  Kip  Martin,  vice  president  of 
Meta  Group.  “It  enables  the  client 
organization  to  manage  service  levels, 
to  assess  the  delivery  of  contractual 
obligations,  and  to  repatriate  business 
process  and  system  knowledge  back 
into  the  client  personnel.” 

■  Project-based  outsourcing  may  lead 
to  imnecessary  infrastructure  com¬ 
plexity  and  redimdancy.  Outsourcing 
decisions  should  be  linked  with  your 
IT  architecture  and  infrastructure. 

“Don’t  bifurcate  functions  with 
significant  synergy  to  other  functions,” 
advises  Mincey.  “For  example,  separat¬ 
ing  the  management  of  help-desk  and 
desk-side  support  functions  allows 
breakdowns  in  accountability  and  the 


potential  to  effectively  leverage  knowl¬ 
edge  across  these  related  functions.” 

■  Remember,  it’s  about  the  rela¬ 
tionship.  If  you  squeeze  providers 
so  much  that  they  can’t  generate  a 
profit,  you  lose,  too. 

“Beyond  technical  capabilities,  the 
most  important  characteristic  of  a  serv¬ 
ice  provider  is  its  compatibility  with  the 
client  organization’s  culture,  and  the 
degree  to  which  the  client  thinks  the 
outsourcer  and  client  organization  can 
get  along,”  says  Martin. 

OUTSOURCING  OPTIONS:  WHATS  HOT 

The  current  siege-mentality  economy 
demands  that  firms  gain  competitive 
advantage  through  risk  mitigation — 
there  is  no  margin  for  error.  Yet  “CIOs 


COMPART  PROFILE 


m 

s  the  debate  continues  to  rage  about  the  relative  merits 
of  IT  outsourcing  vs.  insourcing,  there  are  several  key 
questions  CIOs  can  ask  themselves  to  help  find  the  right 
answ/er  including;  If  we  do  it  ourselves,  can  we  do  it  bet¬ 
ter,  faster,  cheaper?  Do  we 
have  the  right  resources?  Gan 
we  do  everything  in-house  without  diminishing 
our  focus  on  strategic  priorities?  If  we  out¬ 
source,  will  we  lose  agility? 

Sometimes  answers  to  questions  like  these 
fall  into  that  gray  world  of  “maybe.”  When  that 
happens,  the  best  answer  may  be  a  combina¬ 
tion  of  insourcing  and  outsourcing.  For  certain 
projects,  such  as  a  massive  operating  system  deployment,  a  Joint  team 
comprised  of  internal  project  owners  supplemented  by  external  imple¬ 
mentation  experts  can  offer  significant  advantages. 

BEYOND  THE  BOUNDARIES  OF  TRADITIONAL  SOURCING 

Looking  beyond  the  boundaries  of  traditional  sourcing  absolutes  proved  to 
be  the  best  approach  for  one  large  consumer  health  care  products  compa¬ 
ny.  With  many  decentralized  business  units  across  the  globe,  the  company’s 
planned  migration  to  Windows  2000  seemed  like  a  perfect  candidate  for  out¬ 
sourcing— and  for  most  of  the  organization,  it  was,  offering  the  prerequisite 


global  resources  and  economies  of  scale  for  the  organization  as  a  whole. 

But  it  wasn’t  the  right  answer  for  a  handful  of  business  units  hit  hard  by 
recent  revenue  shortfalls.  They  needed  the  same  high-quality  service  and 
speed,  but  they  also  needed  the  flexibility  to  find  a  lower-cost  option. 

“Looking  for  alternative  solutions,  this  long¬ 
time  client  asked  us  how  fast  and  how  cost 
effectively  we  could  migrate  more  than  3,000 
PCs  across  the  country,”  recalls  Wayne  Mincey, 
president  of  Spherion®  Technology  Services. 

“Working  in  close  partnership  with  our 
client,  we  completed  that  migration  well 
ahead  of  an  aggressive  schedule  and  at  less 
than  half  the  originally  estimated  cost.  Our 
ability  to  quickly  ramp  up  help  desk  resources  to  address  a  typical  flur¬ 
ry  of  post-migration  questions  was  an  additional  value-add  that  signifi¬ 
cantly  boosted  overall  client  satisfaction.” 

The  right  solution  incorporates  the  value  a  client  wants,  which  isn’t  always 
a  perfect  match  for  the  value  a  vendor  is  selling.  While  outsourcing  typical¬ 
ly  offers  a  high  value  proposition,  in  this  instance,  the  flexibility  to  customize 
the  value  proposition  was  Just  as  critical  as  resources,  quality,  and  experi¬ 
ence  and  cost. 


For  more  information,  contact  www.spheriontechnology.com 


_i_ 

spherion' 

Technology 

Services 


SIIIIKIC  miECIIlllS  13 


CIO  ADVERTISING  SUPPLEMENT 


OPPORTUNITY  KNOCKS  I  OUTSOURCING  STRATEGIES 


are  also  being  called  upon  to  ensure 
that  every  project  has  a  greater  likeli¬ 
hood  of  success,”  says  Convergys’ 
Antunes.  Therefore,  outsourcing  rela¬ 
tionships  must  demonstrate  that  they 
can  reduce  the  risk  of  successfully 
launching  and  operating  the  tactics  that 
embody  a  user  firm’s  strategy.  Some  of 
today’s  outsourcing  hot  topics: 

APPLICATION  DEVELOPMENT, 
INTEGRATION  AND  WEB  SERVICES 

In  many  companies,  the  organizational 
rules  that  drive  business  processes  are 
buried  in  legacy  systems — undocu¬ 
mented,  certainly  not  standardized,  and 
so  old  and  ill-maintained  that  locating 
business  rules  can  be  highly  complex 
and  error-prone.  It  often  makes  sense  to 


outsource  activities  that  integrate 
and/or  webify  applications,  infrastruc¬ 
tures  or  architectures. 

One  insurance  firm  needed  help 
assessing  its  software  development  proj¬ 
ects,  which  were  costing  $1  million  per 
week.  By  consolidating  projects  into  a 
master  schedule  and  defining  resources, 
outsourcer  Robbins-Gioia  and  the 
insurance  company  reduced  annual  soft¬ 
ware  development  expenditures  by  $2.4 
million,  because  the  proper  resources 
were  deployed  against  the  right  projects, 
reducing  redundant  efforts. 

NSC,  a  nonprofit  group  that  veri¬ 
fies  student  information  for  employers, 
turned  to  Flamenco  Networks  for  a 
Web  service  that  ties  customers  direcdy 
into  NSC’s  verification  database.  The 


result:  a  40%  increase  in  calls  and  a  one- 
month  payback  of  upfront  costs. 

TECHNOLOGY  OUTSOURCING 

Oracle’s  term  for  assuming,  for  a  fee,  the 
administration  of  a  company’s  Oracle 
database  or  application  server,  hosted 
either  on  Oracle’s  premises  or  the  cus¬ 
tomer’s,  signals  a  trend.  Other  major  soft¬ 
ware  providers  will  now  move  into  host¬ 
ing.  An  independent  review  of  Oracle’s 
outsourcing  customers  by  IDC  showed  a 
44%  to  66%  reduction  in  overall  IT  costs. 

Network  Appliance,  for  instance, 
has  used  Oracle  E-Business  Suite  Out¬ 
sourcing  to  help  consolidate  IT  systems, 
implement  a  scalable  solution  and 
decrease  the  cost  of  maintaining  appli¬ 
cations — resulting  in  20%  fewer  IT  envi- 


mm 


CASE  STUBT 


utsourcing  can  be  a  nightmare.  The  decision  to  use  an 
outside  vendor  instead  of  inhouse  resources  is  just  the 
first  step  in  a  long,  potentially  risky  chain  of  events. 
Even  if  you  determine  the  right  vendor  and  how  they  fit, 
who  has  the  time  and  expertise  to  make  sure  they  deliv¬ 
er?  To  avoid  failure  and  ensure  results,  a  rigorous  man¬ 
agement  structure  is  essential. 

Today  more  organizations  are  managing  outsourc¬ 
ing  engagements  the  way  they  manage  other  high  risk 
initiatives:  they  are  setting  up  a  project  management 
infrastructure.  This  combination  of  rigorous  vendor 
selection  PLUS  the  often  neglected  post-contract 
management  structure  has  proven  a  perfect  combi¬ 
nation  for  many  organizations.  Why?  Because  this 
strategy  allows  them  to  establish  milestones  and  performance  bench¬ 
marks,  see  early  warning  flags,  build  a  management  structure  for  main¬ 
taining  service  levels,  and  establish  a  functional  governance  structure. 

For  example,  the  Department  of  Homeland  Security’s  Bureau  of  Customs 
and  Border  Protection  (CBP  -  formerly  Customs)  called  in  Virginia-based 
project  management  consultancy  Robbins-Gioia  to  establish  a  vendor  man¬ 
agement  process,  plus  comprehensive  management  and  outsourcing  over¬ 
sight  before  the  RFP  went  out  on  its  $1.8  billion,  15-year  modernization  pro¬ 
gram  (involving  more  than  40  vendors).  Robbins-Gioia  worked  with  in-house 
staff  to  ensure  the  most  efficient,  effective  outsourcing  management  possible. 


;  .  ;■./ 

What’s  more,  for  each  phase  Robbins-Gioia  will  define  requirements, 
manage  performance,  and  provide  an  objective  management  view  to  keep 
the  project  on  track.  Congressional  and  GAO  criticism  were  harsh  in  the 
early  stages,  but  confidence  has  grown  significantly  and  recent  reports 
recognize  the  program’s  management  excellence. 

In  another  example,  a  msyor  telecommunications  equipment  manufac¬ 
turer  experiencing  serious  financial  difficulties 
wanted  to  offer  early  retirement  to  many  of  its 
most  seasoned  employees.  But  it  still  needed  to 
maintain  service  to  demanding  Fortune  500 
clients.  The  company  called  in  Robbins-Gioia  to 
implement  a  process  that  would  re-engage  a  por¬ 
tion  of  that  workforce  as  independent  contrac¬ 
tors,  making  them  available  to  handle  peak 
demand.  Robbins-Gioia  provided  a  technology  interface  and  manage¬ 
ment  oversight  for  the  installations  to  ensure  high  customer  satisfac¬ 
tion,  expedited  timelines,  and  lowered  costs.  The  end  result  was  a 
reduction  in  operating  costs  by  millions  of  dollars,  improved  customer 
satisfaction  scores,  and  an  average  reduction  in  installation  time  by 
approximately  20%. 

For  more  information  and  to  download  a  white  paper  on  vendor 
and  outsourcing  management,  please  visit 
www.robbinsgioia.com/ofrers/clo/outsourcing. 


14  STBATEIlie  DIBECTiONS 


ROBB  I N  S  G I O I A 

The  first  name 

in  project  management 

(actually,  the  first  two  names) 


In  1980,  John  Gioia  and  Jack  Robbins  had  a  vision — a  world  where  programs  were  managed  well  and 
projects  were  successful.  For  the  next  twenty  years,  they  persevered 

created  technologies  when  none  existed 
pioneered  an  industry 

established  new  project  management  communities 

and  made  sure  every  customer  was  served  well. 


Today,  our  vision  remains  the  same — to  make  our  customers  successful  through  exceptional  project  and 
program  management.  While  other  consultants  change  their  names  and  try  to  remake  themselves,  we’re 
sticking  with  what  we  know  best — managing  programs  and  managing  them  well. 


Discover  how  you  can  improve  the  outcome  of  outsourcing  projects-download 
“Outsourcing:  A  New  Approach  to  Vendor  Management”  at 
www.robbinsgioia.com/offers/cio/outsourcing 


www.robbinsgioia.com 


800.663.7138 


infoOrobbinsgioia.cor^^ 


CIO  ADVERTISING  SUPPLEMENT 


OPPORTDNITT  KNOCKS  |  OHTSOORCINE  STRKTEGIES 


OFFSHORE  OPTIONS 

THE  MENU  OF  SERVICES  AND  PROVIDERS 
IS  AS  DIVERSE  AS  THE  CULTURES 

Significantly  lower  prices  make  offshore  outsourcing 
immensely  appealing. 

“For  ‘offshorable’  processes,”  says  Neerja  Bhargava,  presi¬ 
dent  and  CFO  of  WNS  Global  Services,  North  America,  “CIOs 
should  expect  50%  operating  cost  reductions  coupled  with 
productivity  benefits  thereafter.  Our  experience  in  most 
industries  is  that  10%  to  20%  of  the  cost  base  is  ‘offshorable,’ 
creating  the  potential  for  a  5%  to  10%  reduction  In  total  costs.” 

India  is  out  in  front  in  providing  offshore  services;  other 
msyor  markets  include  Singapore,  Mexico,  China,  Russia  and 
the  Philippines.  So-called  nearshore  sites — in  Canada, 
Mexico,  Ireland  and  Native  American  communities— are  gain¬ 
ing  in  popularity,  too,  in  the  wake  of  Sept.  11-inspired  securi¬ 
ty  concerns.  The  demand  for  lower-cost  offshore  services 
has  m£Uor  tl.S.  providers — including  IBM,  EDS,  Computer 
Sciences  Corp.,  Accenture  and  Hewlett-Packard— launching 


offshore  operations  of  their  own.  CSC,  for  example,  offers  off¬ 
shore  business  processing  outsourcing  services. 

Meanwhile,  plenty  of  large  tl.S.  corporations  are  taking 
advantage  of  offshore  outsourcing  opportunities:  Lehman 
Brothers,  for  instance,  reportedly  has  plans  to  outsource 
$400  million  to  $500  million  in  IT  services,  at  least  half  of 
which  will  be  delivered  by  Indian  providers. 

Among  the  leading  services  provided  offshore,  according 
to  a  Gartner  Dataquest  survey,  arc  enterprise  application 
integration  (EAI)  services,  applications  outsourcing,  pack¬ 
aged  application  implementation,  and  integration  with 
legacy  applications  beyond  applications  development  and 
maintenance  services.  Also,  2002  saw  more  business 
process  outsourcing— particularly  human  resources, 
finance  and  accounting,  call  centers,  and  medical  tran¬ 
scription  and  billing  functions— head  offshore. 

“The  50%  or  higher  cost  reductions  that  offshore  busi¬ 
ness  process  outsourcing  enables  can  transform  operat¬ 
ing  cost  structure,  cut  capital  assets  and  free  up 
resources  for  new  growth  opportunities,”  says  Bhargava. 
“This  means  a  CIO  can  think  dramatically  differently  about 
the  benefits  of  outsourcing.” 


ronments  maintained,  a  50%  drop  in 
support  personnel  and  a  32%  ROT. 

PROJECT  MANAGEMENT 

Managing  complex,  high-risk  initia¬ 
tives — including  the  development  and 
integration  of  people,  processes  and 
technologies — with  process- based  solu¬ 
tions  is  an  expertise  that  can  be  hard  to 
come  by,  and  worth  outsourcing. 

Using  Robbins-Gioia’s  expertise, 
one  of  the  largest  global  telecommuni¬ 
cations  providers  was  able  to  save  an 
estimated  $31  million  annually,  reduc¬ 
ing  overhead  expenses  by  40%  to  60%, 
and  decreasing  implementation  time 
while  improving  client  responsiveness 
and  end-user  satisfaction. 

BUSINESS  PROCESS 

Single-process  outsourcing  (payroll  pro¬ 
cessing,  claims  processing,  accounts 
payable,  etc.)  has  been  supplemented  by 


aggregated  process  outsourcing  offer¬ 
ings,  in  which  the  outsourcer  assumes 
responsibility  for  processes,  people  and 
technologies  affiliated  with  a  broad  fimc- 
tional  realm,  such  as  human  resources. 

WNS  Group  helped  Town  & 
Country  Assistance,  a  market  leader  in 
motor  claims  outsourcing,  reduce 
claims  data  entry  costs  by  55%. 

Sun  Life  of  Canada  reports  a  $50 
million  savings  from  outsourcing  policy 
administration  in  just  one  business  unit. 

Five  months  after  outsourcing  its 
customer  service  to  Convergys,  a  major 
software  maker  saw  the  number  of  its 
“very  satisfied”  customers  shoot  up  by  12 
percentage  points,  while  the  number  of 
“very  dissatisfied”  customers  plunged  to 
6.45%.  Credit  goes  to  Convergys’  Glob¬ 
al  Assurance  Network,  a  global  technolo¬ 
gy  solution  tliat  allows  agents  in  India  to 
view  the  same  customer  service  screen 
that  other  agents  around  tlie  world  see. 


“The  key  factor  in  business  process 
outsourcing  is  going  deep  with  one  or  a 
few  vendors,  and  jointly  innovating 
beyond  the  originally  identified  poten¬ 
tial,”  says  Neerja  Bhargava,  president 
and  CEO  of  WNS  Global  Services 
North  America. 

SECURITY 

Many  organizations  have  begun  to 
realize  that  the  kind  of  security  they 
need  goes  beyond  their  expertise. 
Managed  security  services  providers 
can  do  the  monitoring  and  manage¬ 
ment  of  firewalls  and  intrusion  detec¬ 
tion  systems. 

SUPPLY  CHAIN  MANAGEMENT 

The  opportunity  to  boost  operational 
flexibility  while  lowering  fixed  costs  and 
assets  has  organizations  outsourcing  a 
range  of  supply  chain  llinctions,  includ¬ 
ing  IT  applications  development.  SD 


16  STRATEGIC  DIRECTIONS 


CIO  ADVERTISING  SUPPLEMENT 


DPPBBTPNITY  KNOCKS  |  MEASURING  SnCCESS 

MEASURING  SUCCESS 

BEHER  (MNABEIIEflT  EOUALS  BEHER  RESULTS 


ccenture  noted  in  a 
recent  study  that  tradi¬ 
tional  outsourcing  can 
deliver  savings  of  up  to 
20%.  But  a  more  strate¬ 
gic  approach  to  out¬ 
sourcing,  with  the  same 
level  of  service,  can 
deliver  as  much  as  50% 
cost  savings  while  also 
improving  market  share  and  enabling 
strategic  risk  to  be  shared. 

FIGURING  FINANCIAL  ROI 

This  involves  direct  cost  reduction, 
which  in  outsourcing  can  range 
between  20%  and  40%,  depending  on 
several  factors: 

■  Scope  (one  function  or  an  entire 
infrastructure).  Broader  scope  equals 
greater  potential  cost  savings,  since 
the  provider  can  more  effectively 
streamline  operations  and  achieve 
economies  of  scale. 

■  Gap  (  between  a  company’s  costs 
and  industry  average).  Bigger  gap 
equals  greater  potential  cost  savings. 

■  Match  (between  a  company’s  needs 
and  provider’s  capabilities).  Better 
match  equals  greater  potential  cost 
savings. 

■  Finding  a  service  provider.  This 
can  consume  as  much  as  3%  of  a 
contract’s  value. 

■  Transitioning.  Switching  functions 
to  an  outsourcer  may  involve  trans¬ 
ferring  staff  or  moving  equipment. 

■  Management.  This  can  cost  up  to 
8%  of  the  value  of  the  contract. 


FIGURING  PERFORMANCE  ROI 

The  key  is  value  creation — improving 
an  organization’s  effectiveness  by 
boosting  the  efficiency  of  people  and 
processes.  Hard  savings  (measured 
financially)  are  overshadowed  by  other, 
“soft”  factors,  such  as  the  value  of 
responding  to  customers  more  quickly. 

A  good  outsourcer  can  reengi¬ 
neer  IT  processes  to  improve  both 
service  levels  and  capabilities  by  stan¬ 
dardizing  on  best  practices.  Hewlett- 
Packard,  for  example,  applied  best 
practices  internally  to  incident  report¬ 
ing,  with  these  results: 

■  Cut  local  end-user  support  person¬ 
nel  by  50%. 

■  Increased  resolution  rate  at  the  first 
point-of-contact  by  115%. 

■  Boosted  customer  satisfaction 
by  20%. 

■  Replaced  25  separate  North  Ameri¬ 
can  help-desks  with  one  virtual  call 
center  in  three  locations. 

■  Reduced  the  average  wait  by  48%. 

■  Lowered  the  average  cost  per  call 
by  22%. 


FIGURING  STRATEGIC  ROI 

Reinventing  the  business  is  the  focus 
of  strategic  outsourcing  ROI.  Con¬ 
sider,  for  example,  a  retailer  wanting 
to  open  an  e-commerce  sales  channel 
and  which  outsources  the  entire 
effort,  taking  advantage  of  the  service 
provider’s  expertise.  The  solution  is 
better  and  delivered  faster  than  if  it 
were  done  in-house,  resulting  in 
quicker  time-to-revenue. 

Yet  success  depends  on  both  the 
retailer  and  the  service  provider  hav¬ 
ing  a  stake  in  the  outcome,  so  their 
goals  must  be  carefully  and  closely 
aligned.  Thus,  conventional  ROI  met¬ 
rics  won’t  be  appropriate. 

Instead,  metrics  that  recognize 
the  incremental  value  created  by  the 
outsourcing  provider  have  to  be 
devised  and  used  as  the  basis  for  ROI. 
An  internal  Sears,  Roebuck  study 
found  that  a  5%  hike  in  employee  sat¬ 
isfaction  delivered  a  half-percent 
increase  in  revenues. 


OUTSOURCING  ON  THE  WEB 

For  additional  tips  on  Vendor  Selection  Criteria, 
The  ABC's  of  SLAs,  How  To  Do  a  Better  Deal 
and  more  case  studies,  please  go  to: 
www.cio.com/sponsors/sdinfo 


STRATEGIC  DIRECTIONS  17 


CIO  ADVERTISING  SUPPLEMENT 


OPPORTDNITT  KNOCKS  I  TIPS  FROM  THE  TRENGRES 


TIPS  FROM  THE  TRENCHES 

WHUriOlSKBEFOliElllDmTHEDEIILISDIIIIE 


hese  days,  outsourcing  is  a 
buyer’s  market,  and  serv¬ 
ice  providers  have  become 
quite  accommodating  in 
their  pricing  and  packag¬ 
ing.  It’s  not  unusual  for 
CIOs  to  negotiate  con¬ 
tracts  that  replace  tradi¬ 
tional  fixed-price  and 
time-and-materials  con¬ 
tracts  with  more  flexible  transaction-  and 
incentive-based  alternatives. 

And  because  there’s  much  market¬ 
place  consolidation,  CIOs  have  learned 
that  it’s  worthwhile  to  look  carefully 
into  outsourcers’  viability  and  financial 
stability — both  before  a  contract  is 
signed  and  afterward. 

“If  the  current  baseline  and  the 
definition  of  success  are  not  established 
up  front,  and  the  relationship  is  not 
managed  to  meet  those  objectives,  the 
initiative  will  fail,”  says  Jim  Leto,  CEO 
of  Robbins-Gioia.  “If  everyone  is  on 
the  same  page  up  front  and  knows  what 


according  to  a  transaction- based  model. 

Designed  properly,  incentive-based 
pricing  can  benefit  all  parties.  Consider  a 
service  provider  compensated  according 
to  the  number  of  help-desk  incidents  to 
which  it  responds  each  month.  It  has  lit¬ 
tle  incentive  to  reduce  the  number  of  calls 
it  fields.  Yet  using  fixed  pricing  along  with 
the  right  contract  parameters,  however, 
the  provider  would  make  money  only  by 
designing  out  underlying  problems  and 
reducing  the  number  of  help-desk  calls. 

Be  sure  to  tise  service-level  agree¬ 
ments  (SLAs)  that  incorporate  quantifi¬ 
able  measures  to  nail  down  the  scope 
and  delivery  schedules  of  your  project. 
Some  organizations  use  a  technique 
called  function  point  analysis  to  estimate 
project  size,  manage  changes  and  com¬ 
municate  requirements  to  providers. 

“Firms  need  to  have  solid  SLA  and 
measurements  to  make  the  deal  fair  and 
equitable  in  both  directions,”  says  Keith 
Morrow,  vice  president  of  information 
systems  at  convenience  retailer  7- 


Manage  your  service  providers. 
“Left  to  their  own  devices,  outsourcers 
will  over- engineer  solutions  and  layer 
costs  almost  subconsciously  over  time,” 
says  Morrow.  “They  will  tend  to  pick 
the  safest  solutions  with  the  highest 
margins,  which  may  not  be  what  the 
customer  needs.” 

GEHING  THE  MOST  FROM  OFFSHORE 
PROVIDERS 

Offshore  service  providers  can  offer 
U.S.  companies  labor  savings  of  up  to 
50%.  To  really  get  your  money’s  worth, 
keep  these  considerations  in  mind: 

■  SOME  FUNCTIONS  ARE  BETTER  OUT¬ 
SOURCED  OFFSHORE  THAN  OTHERS 

“Offshore  outsourcing  is  not  cur¬ 
rently  ideal  for  applications  supporting 
rapidly  or  constantly  changing  business 
processes,  and  for  applications  that  are 
technologically  unstable,”  says  Dean 
Davison,  vice  president  and  service 
director  at  Meta  Group. 


CIOS  HAVE  LEARNED  THAT  IT’S  WORTHWHILE  TO 
LOOK  CAREFULLY  INTO  OUTSOURCERS’  VIABILITY 


AND  FINANCIAL  STABILITY—BOTH  BEFORE  A 


CONTRACT 


AND  AFTERWARD. 


the  expectations  will  be — how  risks  and 
issues  will  be  handled  and  how  the 
engagement  will  be  managed — that’s 
more  than  half  the  battle.” 

Some  suggestions: 

Consider  mixing  pricing  models.  Some 
companies  break  up  projects  into  phas¬ 
es — phase  one  might  be  done  on  a  fixed- 
price  basis,  while  the  rest  is  executed 


Eleven.  “I  spend  most  of  my  time  in 
this  area  of  the  contract.” 

Before  you  sign  the  contract,  make 
sure  that  you  and  die  provider  agree  on 
the  solution  to  be  provided,  a  transi¬ 
tion  plan,  and  multiyear  pricing  and 
governance.  Doing  this  after  the  contract 
is  signed  can  get  expensive.  And  carefully 
negotiate  and  review  termination  fees. 


Projects  with  longer  development 
cycles  do  better  abroad  than  those 
involving  substantial  collaborative  effort 
between  business  units  or  short  lead 
times,  he  explains.  The  best  bet  for  out¬ 
sourcing  offshore  are  projects  that  sup¬ 
plement  existing  IT  resources  for  a 
short  time,  those  involving  new  appli¬ 
cations  whose  time-to-market  needs  are 


18  STRATEGIC  DIRECTIONS 


CIO  ADVERTISING  SUPPLEMENT 


OPPORTUNITY  KNOCKS 


TIPS  FROM  THE  TRENCHES 


accelerating  and  those  that  expand 
technical  expertise. 

“If  the  objective  is  to  save  money, 
then  the  leverage  is  in  the  number  of 
resources  you  can  put  offshore,”  says 
Rita  Terdiman,  research  vice  president 
of  Gartner  IT  Services  and  Sourcing. 
“If  a  project  requires  tremendous 
onsite  interaction  with  end  users,  then 
you  will  not  achieve  this  offsite  lever¬ 
age.  The  conventional  wisdom  is  that 
you  should  be  careful  if  there  is  too 
much  complexity,  change  or  ambiguity, 
or  if  the  project  requires  an  intense 
amount  of  business  expertise  (process, 
vertical  or  company-specific).” 

The  processes  that  a  CIO  uses  to 
manage  offshore  outsourcing  are  more 
important  than  the  outsourcer’s  tech¬ 


nologies  and  tools.  For  offshore  out¬ 
sourcing  success,  focus  on; 

■  An  SLA  that  clearly  defines  project 
scope,  responsibilities,  etc. 

■  Senior  executive  management  and 
active  onsite  project  management. 

■  A  quality  assurance  program,  which 
will  improve  project  deployment. 

■  DON’T  FORGET  ABOUT  SECURITY 

Use  multiple  offshore  providers 
from  different  parts  of  the  world  on 
the  same  project.  If  problems  (such  as 
labor  or  political  situations)  arise, 
you’ve  got  built-in  backup. 

Get  assurances  in  writing  from  off¬ 
shore  providers  about  the  security,  pri¬ 
vacy  and  confidentiality  protections  you 
want — but  remember  that  getting  legal 


redress  can  be  more  difficult  overseas. 

Use  code  verification  systems  to 
review  code  changes  made  offshore. 

A  PARTING  THOUGHT 

“Many  organizations  are  attracted  to  an 
outsourced  model  because  of  the 
potential  for  cost  savings  and  the  prom¬ 
ise  of  fewer  distractions  from  the  core 
business,”  says  Leto,  of  Robbins-Gioia. 
“If  you  don’t  really  analyze  what  you 
need,  why  you  need  it  and  how  you’ll 
know  if  it’s  successful,  nothing  your 
outsourcer  does  will  satisfy  you — leav¬ 
ing  everyone  in  a  lose-lose  situation.  If 
you’re  very  clear  about  what  success 
means  and  how  it  will  be  accomplished, 
it’s  much  more  likely  that  you’ll  end  up 
where  you  want  to  be.”  SD 


CASE  STUDY 


0  maintain  it’s  especially  fast  growth,  Charlotte,  North 
Carolina  based  Kvaerner  Power  Inc.  (a  unit  of  Norway’s 
famous  boilermakers,  Aker-Kvaerner  Group)  knew  it  need¬ 
ed  to  modernize  its  financial  operation  and  streamline  how 
it  managed  huge  equipment-installation  projects.  The  solu¬ 
tion  would  have  to  be  reliable  and  easy  to  operate,  so  it 
wouldn’t  distract  the  company  from  its  main  business.  Oracle  E-Business 
Suite  Outsourcing  proved  to  be  the  answer, 
giving  Kvaerner  access  to  Oracle  E-Business 
Suite  and  its  tightly  integrated  applications  for 
automating  finances,  order  fulfillment,  invento¬ 
ry  and  project  management  while  delivering  the  applications  conveniently 
and  cost-effectively  through  Oracle’s  outsourcing  service. 

ROI  OVER  100% 

According  to  an  independent  study,  Kvaerner  generated  enough  benefits  in 
productivity  savings  and  enhanced  profitability  to  pay  for  its  Oracle  invest¬ 
ment  in  13  months.  Implemented  in  September  2001,  the  Oracle  E-Business 
Suite  Outsourcing  solution  began  showing  positive  operating  earnings  by 
the  end  of  2002,  and  will  continue  contributing  to  operating  margins  for 
years  to  come. 

The  study  also  showed  that  Kvaerner’s  investment,  in  today’s  dollars, 
would  yield  approximately  $3.4  million  in  benefits  over  the  life  of  the  proj¬ 
ect,  including  $3.16  million  in  productivity-based  cost  savings  and  $0.23  mil¬ 


lion  in  new-business  profitability.  Minus  investment  costs,  the  net  benefit  of 
the  Oracle  project  comes  to  approximately  $2.7  million,  generating  a  return 
on  investment  (ROI)  of  well  over  100%. 

SAVING  MONEY;  BOOSTING  MARGINS 

One  of  the  largest  sources  of  savings  came  from  Kvaerner’s  decision  to 
outsource  the  software  to  Oracle.  Since  it  no  longer  had  to  perform  rou¬ 
tine  software-  and  hardware-maintenance 
activities,  Kvaerner  was  able  to  shrink  its  IT 
group  73%  through  attrition  and  contractor 
reductions,  saving  $390,000  per  year.  And  the 
company  was  able  to  permanently  forego  the  purchase  of  new  server 
hardware— a  $150,000  outlay  the  company  had  been  making  roughly  every 
three  years  to  keep  up  with  its  growing  computing  needs. 

Impressive.  But  it’s  not  the  whole  story.  Since  teaming  with  Oracle, 
Kvaerner  has  been  able  to  reduce  receivables,  increase  its  cash  flow  by 
$600K,  report  inventory  turnover  up  43%,  and  order  processing  time 
down  by  83%.  What’s  more,  Oracle  Outsourcing  has  yielded  numerous 
benefits  besides  cost  savings  including  more  intelligent  sales  and  mar¬ 
keting  which  boost  gross  margins,  as  well  as  better  project  visibility  and 
cost  control. 


For  more  about  how  Oracle  Outsourcing  can  help  you,  visit 
www.oracle.com 


STIUTEIIIC  DIRECTIONS  19 


The  Application  Server 

with  Built  In  Business  Intelligence 


Business 

Intelligence 


Content 

Management 


Application 

Integration 


Application 

Server 


Web  Services 


Wireless 


Portal 


All  the  Middleware  you  need 
integrated  into  one  Application  Server 


oracle.com/theappserver 
or  call  1.800.633.0546 

Copyright  ©2002,  Oracle.  All  rights  reserved.  Oracle  is  a  registered  trademark  of  Oracle  Corporation  and/or  its  affiliates. 


You 

A  hard  look  ahead 
Phoenix,  AZ 
Nov.  2-4, 2003 
The  impact  on  you 


CIO 


The  Resource  for 
Information  Executives 


'  .>r  IT’  ’ 

U  . .  .T '  fr  • 


Call  800  366-0246  or  visit  www.cio.com/conferences 


Q&A  I  Alan  Westin  on  Privacy 


CIO  asked  Westin  to  direct  his  attention  to 
the  role  that  the  keeper  of  the  customer 
database — the  CIO — plays  in  managing  this 
conflict.  Senior  Writer  Sarah  D.  Scalet  talked 
with  Westin  about  that  challenge. 

CIO:  In  terms  of  privacy  protection,  how 
has  the  role  of  the  CIO  changed  over  the 
years? 

Alan  Westin:  It  used  to  be  that  whoever  was 
in  charge  of  the  information  function  looked 
at  hardware  and  software  solutions,  and  the 
users  would  just  tell  her  what  to  do  in  terms 
of  how  data  was  formatted  or  delivered. 
CIOs  today  adjudicate  between  marketing 
and  customer  relations  managers — who 
want  data  information  brought  in  from 
third-party  suppliers  and  want  to  produce 
detailed  profiles  of  customers  and  projects — 
and  the  chief  privacy  officer — who  advo¬ 
cates  being  careful  to  meet  regulations  at  the 
state  and  federal  levels. 

It  sounds  like  the  CIO  has  to  broker  the  rela¬ 
tionship  between  those  conflicting  parties. 

Yes,  but  I’m  a  little  concerned  about  using 
the  word  broker  because  it  implies  that 
CIOs  have  the  command  role,  and  they 
don’t.  The  command  role  is  going  to  be 
either  the  legal  department  or  top  manage¬ 
ment,  which  says,  OK,  we’ve  listened  to  the 
marketing  people,  we’ve  listened  to  the  pri¬ 
vacy  officer,  and  this  is  what  I,  the  top  man¬ 
agement,  want  you,  the  CIO,  to  do.  I  don’t 
think  the  CIO  is  a  referee. 

Opt-outs  or  opt-ins  are  where  the  rubber 
hits  the  road.  The  company  says.  If  you 
don’t  want  to  receive  this  kind  of  material 
from  us,  check  this  box  or  call  this  toll-free 
number.  That  information  goes  into  a  sys¬ 
tem  that  the  CIO  administers.  And  against  a 
database  composed  of  25  million  credit  card 
holders,  the  CIO  needs  to  suppress  market¬ 
ing  to  the  100,000  or  3  million  customers 
who  have  said,  No,  I  don’t  want  that  com¬ 
munication.  Obviously  it  raises  huge  data 
management  issues. 

If  you  get  the  marketing  people  and  the 
privacy  officer  and  the  CIO  together,  they 
can  say.  We  don’t  want  to  give  up  the 


opportunity  to  market  related  products  to 
our  existing  marketing  database,  but  we 
know  that  there’s  a  small  segment  of  cus¬ 
tomers  who  will  be  outraged  if  that  hap¬ 
pens.  The  company  might  set  up  the 
following  options:  1.  Customers  can  opt  out 
of  any  contact  other  than  the  service  delivery 
that  they’ve  signed  up  for;  or  2.  They  could 
opt  out  of  any  telemarketing  calls  but  not 
opt  out  of  written  communication.  The 
CIO’s  role  is  to  show  how  refined  programs 
like  that  can  be  implemented. 


What  is  the  ultimate  goal  of  this  balancing 
act? 

This  act  gets  the  maximum  number  of  your 
customers  comfortable  with  the  way  you  are 
handling  their  information  and  presenting 
them  with  options. 

What  about  offering  customers  the  chance 
to  see  the  information  in  their  records? 

That  raises  a  lot  of  complicated  issues 
because  what  exactly  is  it  that  the  consumer 
gets  access  to?  If  it’s  just  a  transaction,  that’s 
not  a  big  problem.  But  behind  transaction 
records  is  a  marketing  database.  Most  com¬ 
panies  have  added  information  from  what’s 
known  as  ZIP-plus-four  databases,  which 
will  say  that  Alan  Westin  lives  in  a  block  in 
which  the  average  house  costs  so  much,  and 
the  ethnic  make-up  is  such  and  such,  and 
residents  are  mostly  retired  and  so  forth.  The 
issue  is,  if  I  want  to  see  what  information  a 
company  has  about  me  in  my  credit  card 
file,  do  I  get  to  see  that?  Most  companies 
would  turn  purple  at  that  idea.  The  Federal 
Trade  Commission  had  a  task  force  look  at 
the  issue,  and  it  was  unable  to  come  to  any 
firm  conclusion  because  this  issue  divides 
the  consumer  groups  and  the  business 
groups  so  fundamentally. 

How  does  the  USA  Patriot  Act  affect  the 
CIO’s  role? 

An  area  that’s  going  to  be  extremely  impor¬ 
tant  for  CIOs  is  the  whole  question  of  com¬ 
pliance  with  demands  from  the  government’s 
new  antiterrorist  investigators,  who  want 
direct  access  to  companies’  consumer  data, 
under  the  Patriot  Act  and  CAPPS  II  [the 
Transportation  Security  Administration’s 
new  passenger  screening  system].  The  gov¬ 
ernment  is  given  the  legal  right  to  ask  for 
e-mail  transactions,  financial  transactions 
and  various  kinds  of  telephone  communica¬ 
tions,  and  as  a  result,  companies  are  going  to 
be  caught  in  the  cross  fire.  On  one  hand, 
they  want  to  comply  with  the  government’s 
requests  because  we  all  understand  that  this 
is  not  a  phony  danger.  On  the  other  hand, 
they  have  to  worry  about  the  trust  of  their 
customers;  if  customers  feel  that  every  time 


“The  command 
role  is  going  to  be 
either  the  legal 
department  or  top 
management, 
which  says,  OK, 
we’ve  listened  to 
the  marketing 
people,  we’ve 
listened  to  the 
privacy  officer, 
and  this  is  what  I, 
the  top  manage¬ 
ment,  want  you, 
the  CIO,  to  do.’’ 

-ALAN  WESTIN 


68  CIO  JUNE  15,  2003  •  www.c/o.com 


1 

1 

1 _ ^ 

* 

/  _ 

H  . J  7 

T  WIf  J 

We  see  management 
a  little  differently 
from  the  other  guys. 


At  NetlQ,  we  don't  see  a  problem.  Only  solutions. 
Managing  your  Windows  server  environment  is  easier 
than  ever  with  Microsoft  Operations  Manager.  And, 
as  a  key  Microsoft  partner,  NetlQ  extends  Microsoft 
Operations  Manager  to  manage  and  secure  your 
entire  enterprise,  whether  you're  driving  UNIX, 
NetWare,  Linux,  Windows.. .or  all  of  them.  NetlQ. 
We're  the  management  people.  And  nobody  does 
management  smarter.  Nobody. 


►► 


w 


CIO  eBook!  Get  your  free  copy  of  From  Chaos  to  Control: 
The  CIO's  Executive  Guide  to  Managing  and  Securing 
the  Enterprise,  www.netiq.com/manageability. 


a 

net©. 

Work  Smarter, 


©Copyright  2003  NetlQ  Corporation.  All  rights  reserved.NetlQ  and  the  NetlQ  logo  are  registered  trademarks  of  the  NetlQ  Corporation. 
All  other  names  and  products  mentioned  herein  may  be  the  registered  trademarks  of  their  respective  companies. 


Q&A  I  Alan  Westin  on  Privacy 


they  give  information  to  their  bank  or  credit 
card  company  or  insurance  firm  it’s  going  to 
the  government. 

We’re  just  beginning  to  say.  What  kind  of 
a  system  should  there  be  for  giving  the  gov¬ 
ernment  access?  In  the  past,  that  was  always 
under  very  strict  rules  set  by  things  such  as 
the  Right  to  Financial  Privacy  Act  of  1978, 
which  said  that  if  the  government  wants  to 
get  that  information,  it  must  have  a  subpoena 
or  a  court  order.  The  Patriot  Act  wiped  that 
away.  But  where  is  the  control?  Where  will 
the  safeguards  be?  The  CIO  is  going  to  be 
involved  when  the  federal  government  comes 
to  Delta  Air  Lines  or  American  Airlines  and 
says.  We  want  this  information  from  you,  and 
we  want  it  in  30  seconds.  I  don’t  expect  the 
CIO  to  stand  up  and  say  no.  The  privacy  offi¬ 
cer  has  to  raise  all  kinds  of  questions  about 
what  kind  of  audit  trail  should  be  created. 
(For  more  information,  see  “What  to  Do 
When  Uncle  Sam  Wants  Your  Data”  at 
ivunv.  do.  com/printlinks.) 

If  you’re  talking  about  the  competing  inter¬ 
ests  of  privacy  and  marketing  and  so  on, 
when  you  insert  an  outside  party  like  the 
government  into  the  equation,  it  throws  off 
whatever  kind  of  balance  the  company  was 
working  toward. 

That’s  correct.  But  that’s  what  happened  on 
Sept.  11.  If  we  don’t  have  access  to  this  kind 
of  information,  then  the  likelihood  of  our 
being  successful  in  controlling  terrorism  is 
going  to  be  low.  I  think  the  Patriot  Act  is  a 
justified  piece  of  legislation.  The  issues  are 
always  the  safeguards  and  the  misuse  of 
information.  For  example,  DARPA’s  Total 
Information  Awareness  project  was  a 
thoughtless  and  overblown  approach  that 
somehow  assumed  that  magic  algorithms 
could  be  applied  that  would  extract  [mean- 

peer  resources 

A  recent  survey  on  the  state  of  information 
security  shows  a  disturbing  point-solution 
mind-set.  Check  out  the  sorry  findings  in 

SECURITY  INSECURITY.  Find  the  link  at 
www.csoonline.com. 


“People  in  very 
large  numbers 
are  going  to  sign 
up  for  that  Do  Not 
Call  list.  It  will 
take  a  high  level  of 
care  on  the  CIO’s 
part  to  help  keep 
track  of  them, 
and  if  a  clerk  gets 
careless  or  makes 
a  mistake,  it  could 
get  costly.” 

-ALAN  WESTIN 


ing]  from  this  enormous  mass  of  private- 
sector  data  added  to  public  data — that 
somehow  up  would  pop  the  bearded  face 
of  Osama  bin  Laden. 

How  big  of  an  impact  do  you  think  the  FTC’s 
Do  Not  Call  list  will  have  on  companies? 

People  in  very  large  numbers  are  going  to 
sign  up  for  that  Do  Not  Call  list,  which  is  a 
registry  of  numbers  that  companies  cannot 
call.  However,  it  will  take  a  high  level  of  care 
on  the  CIO’s  part  to  help  keep  track  of  those 
numbers,  and  if  a  clerk  gets  careless  or 
makes  a  mistake,  it  could  get  costly. 


In  a  bigger  sense,  I  think  this  is  the  begin¬ 
ning  of  the  end  of  the  targeted  marketing 
era.  That  list  is  going  to  be  a  catalyst  that 
moves  companies  into  a  whole  consumer 
permission  mode.  If  you  think  about  it  his¬ 
torically,  until  the  1980s,  companies  engaged 
in  mass  marketing — newspapers,  TV,  radio 
and  billboard  displays — then  moved  into 
target  marketing.  The  idea  was  that  we  must 
know  you  to  serve  you;  and  we’re  going  to 
collect  a  lot  of  profile  information;  and  you 
should  like  it  because  after  all  we’ll  now 
know  that  you  like  to  sail,  so  we’ll  tell  you 
about  sailboats,  or  if  you  like  to  go  to  Italy 
we’ll  tell  you  about  Italian  vacations.  What 
companies  didn’t  realize — or  if  they  did, 
they  didn’t  care — is  that  there  comes  a  point 
where  people  get  saturated  by  that  kind  of 
intrusive  marketing.  Between  telemarketing 
and  spam,  you  have  about  as  fed  up  a  pub¬ 
lic  as  I’ve  ever  seen  on  any  consumer  issue. 
The  strongest  piece  of  evidence  is  the  pas¬ 
sage  of  the  Do  Not  Call  list  against  the 
immense  lobbying  of  the  direct-marketing 
industry  and  all  its  practitioners.  Public 
anger  was  so  great  that  politicians  and  leg¬ 
islators  just  had  to  respond. 

Do  you  consider  yourself  an  advocate  for 
privacy? 

I’m  a  balance  person.  I  identify  dangers  to 
privacy,  but  my  solutions  are  much  more 
about  recognizing  the  competing  values  that 
need  to  be  brought  into  some  kind  of  har¬ 
mony.  I  appreciate  the  roles  of  the  Ameri¬ 
can  Civil  Liberties  Union,  the  Electronic 
Privacy  Information  Center  and  the  Center 
for  Democracy  and  Technology  in  always 
being  the  advocates  of  the  total  privacy  solu¬ 
tion,  but  I  would  never  want  to  live  under 
their  regimes — ^not  that  I  mind  their  pointing 
out  dangers  in  various  kinds  of  new  anti¬ 
surveillance  proposals. 

I’m  a  Libra,  which  is  the  scales.  On  one 
hand  this;  on  the  other  hand  that.  If  you’re 
a  Libra,  balance  is  what  the  stars  have  given 
you — or  cursed  you  to.  HTH 


Senior  Writer  Sarah  D.  Scalet  can  be  reached  at 
sscalet@cio.com. 


7  0  CIO  JUNE  15,  2003  •  www.cio.com 


This  little  book  is  free. 

It  could  save  you  millions. 

Outsourcing  is  a  big  deal.  How  you  structure  your  outsourcing  agreement 
will  determine  its  success  or  failure.  But  doing  it  right  isn’t  easy.  This  little 
book  from  Gartner  tells  you  how  to  build  a  durable  deal  that  could  save  you 
a  lot  of  time  and  money. 

The  cost  is  zero.  Not  a  bad  deal. 

For  your  free  copy  and  to  learn  more  about  the  Gartner  Outsourcing  Summit, 
just  call  +1  203  316  1111  or  go  to  gartner.com/outsourcing. 


H 


Outsourcing 


©  2003  Gartner,  Inc.  and/or  its  affiliates.  All  rights  reserved. 
Gartner  is  a  registered  trademark  of  Gartner,  Inc.  or  its  affiliates. 


Gartner. 


Alignment  Tactics 


For  top  CIOs,  alignment  is  not  a  goal.  It’s  a  way 
of  life.  Here’s  a  list  of  tactics  that  you  should 
adopt  as  your  own.  bytodddatz 


Reader  ROI 

How  strong  CIOs  define 
their  roles  through 
IT-business  alignment 

How  to  engage  business 
unit  leaders 

Why  IT  governance  is  a 
key  alignment  factor 


IM  MILDE,  senior  vice  president 
and  CIO  for  Sony  Electronics,  sounds 
euphemistic  when  he  summarizes  how 
the  fortunes  of  IS  have  changed  in  recent 
years.  “I  think  historically,  when  a  com¬ 
pany  is  growing  like  crazy,  the  role  of  IS  is 
just  try  to  keep  up.  We’re  going  through  a 
period  now  where  there’s  much  more 
focus  on  cost  structure  and  process. 


JIM  MILDE 


We’re  at  a  point  where  we  believe  there’s  a  huge  opportunity 


to  drive  continued  operating  efficiencies  through  our  busi¬ 


ness.”  TRANSLATION>  Growth  and  innovation  have  taken  a 


backseat  to  relentless  cost-cutting  and  short-term  payback. 
That  means  the  temperature  has  been  ratcheted  up  on  CIOs. 
For  those  who  can’t  take  the  heat,  the  powers  that  be  will  make 
sure  the  kitchen  exits  are  well-marked. 


I 

Alignment  Tactics  | 


Time  to  throw  in  the  towel  and  retreat 
into  the  IS  cocoon?  No  way.  Instead,  the 
economic  and  budget  pressures  you  face 
make  now  the  time  to  renew  your  com¬ 
mitment  to  solidifying  relationships  with 
your  fellow  business  executives.  Now  is 
the  time  to  make  sure  your  IS  governance 
is  effective.  Now  is  the  time  to  trumpet  IT 
initiatives  to  the  rest  of  the  company.  And 
last,  but  far  from  least,  now  is  the  time  to 
put  all  your  available  energies  into  align¬ 
ing  your  staff  and  projects  and  budgets 
and  strategy  with  the  lines  of  business. 

Sure,  alignment  is  one  of  those  topics  that 
never  seems  to  go  away.  But  “old  hat” 
doesn’t  mean  “stuff  that  hat  in  the  closet  and 
forget  about  it.”  In  The  Conference  Board’s 
2002  survey  of  global  CEOs,  50  percent  of 
the  respondents  identified  business  and  IT 
alignment  as  a  high  priority.  (By  contrast, 
only  20  percent  said  implementing  new  tech¬ 
nologies  was  top  of  list.) 

Alignment  is  not  new,  but  it’s  certainly 
not  a  given  either.  “It’s  still  more  common 
than  not  that  IT  and  the  business  are  not 
aligned,  and  that  CIOs  don’t  have  quality 
relationships  with  people  that  matter  in  the 
business,”  says  Michael  Earl,  professor  of 
information  management  at  the  London 
Business  School.  CIOs  must  work  with  line 
of  business  managers  to  get  benefits  out  of 
existing  IT  investments,  to  set  performance 
targets,  to  answer  the  pressure  to  save 
money  and  wring  efficiencies  out  of  opera¬ 
tions,  he  adds. 

Below  are  six  habits  that  highly  effeaive 
CIOs  employ  to  cope  with  the  pressure- 
cooker  arena  in  which  they  play.  Some  may 
be  familiar;  others  may  be  additions  to  your 
portfolio.  All  of  them  will  help  you  position 
yourself  and  the  IS  function  to  succeed  now 
and  in  the  uncertain  months  ahead. 


HABIT 

NUMBER 


Commit  to  the  care 
and  feeding  of  top 
management. 


That  doesn’t  necessarily  mean 
trying  to  get  in  on  the  CEO’s 
biannual  white-water  rafting 
excursion.  But  you’ve  a  better  chance  of 


74  CIO  JUNE  15,  2003  •  www.cio.com 


I’m  more 
of  a 

client  service 
advocate 
than  an 
IT  advocate. 

-Harvey  Schafle,  VP  of  IT 
at  DDS  Distribution  Systems 

earning  a  paddle  if  you’re  on  the  top  lead¬ 
ership  team  in  the  company.  In  a  recent 
Garmer  survey  of  CIOs,  maintaining  superb 
relationships  with  the  senior-level  team 
ranked  first  on  the  management  agenda. 
“Actively  engaging  the  business  unit  head 
and  leadership  team  ensures  you’re  involved 
in  day-to-day  decisions.  I  think  CIOs  realize 
if  you’re  not  sitting  there  at  the  executive 
table,  you  won’t  be  able  to  make  a  differ¬ 
ence,”  says  Ellen  Kitzis,  Gartner  group  vice 
president  of  executive  programs  for  the 
Americas.  She  argues,  in  fact,  that  if  CIOs 
aren’t  at  the  table,  “then  alignment  doesn’t 
make  a  difference.” 

Some  CIOs  with  a  seat  at  the  table  con¬ 
sider  themselves  business  leaders  first,  tech¬ 
nology  leaders  second.  That  paves  the  way 
for  tight  partnering;  a  business-first  CIO 
discourages  “the  IT  guy”  label.  Eugene 
Stein,  chief  knowledge  officer  and  global 
head  of  technology  at  New  York  City- 
based  White  &  Case,  a  global  law  firm. 


says,  “I’m  part  of  the  business  side.  I  par¬ 
ticipate  in  the  day-to-day  business  opera¬ 
tions  for  everything,  not  just  technology.”! 
In  fact.  White  &  Case  created  the  position! 
for  Stein  because  technology  is  a  key  padj 
of  the  practice,  he  says.  [ 

It  doesn’t  hurt  that  Stein,  who  began  hisj 
career  in  IT  as  an  entry-level  programmer;l 
is  also  a  la\vyer.  Stein  put  his  two-headedj 
background  to  good  use  by  recently  improv-| 
ing  one  of  the  firm’s  knowledge  manage-j 
ment  and  CRM  systems.  After  lawyersj 
complained  about  the  way  they  had  to  enterj 
their  timesheets,  he  and  his  staff  redesignedj 
the  entry  field  and  added  an  extra  field! 
where  lawyers  could  type  in  what  was! 
worth  knowing  about  the  time  they  spentj 
working  on  a  project.  They  also  can  enterj 
who  the  client  contact  was  and  what  they} 
discussed.  Because  of  the  information  they’re; 

j 

capturing,  “We’re  now  able  to  find  key  con-; 
tacts,  generate  new  business  and  provide’ 
better  service  to  clients,”  Stein  says.  ! 

Harvey  Schafle,  vice  president  of  IT  at| 
DDS  Distribution  Systems,  a  third-party} 
logistics  and  fulfillment  house,  also  tipSj 
toward  the  business  side.  “I  feel  I’m  morej 
of  a  client  service  and  production  advocate! 
than  an  IT  advocate,”  he  says.  That  means! 
Schafle  makes  every  effort  to  view  IT  from; 
the  users’  perspective  and  to  make  sure  hisi 
department  understands  their  needs.! 
“There’s  a  tendency  for  IT  people  to  do  the; 
most  interesting  thing,  not  necessarily  the! 
best  thing,”  he  explains. 

Stein  reports  to  the  head  of  his  firm,  andj 
Schafle  reports  to  his  CEO  and  sits  ort 
DDS’s  four-person  corporate  leadership; 
team.  Regardless  of  where  you  sit,  building} 
credibility  and  trust  with  line  of  business} 
heads  is  critical.  After  Milde  joined  Sony! 
Electronics  last  year,  he  spent  the  first  few| 
months  soliciting  feedback  from  the  busi-| 
ness  units  and  external  customers.  What  was’ 

i 

IS  doing  and  not  doing  well?  Making  that 
effort  helped  him  build  trust  with  his  peers;! 
it  also  gave  business  leaders  a  greater  under-! 
standing  of  the  IS  agenda.  And  Milde?  He| 
also  serves  on  Sony  Electronics’  senior  man-j 
agement  committee.  I 


HABIT 

NUMBER 


2 


Govern  wisely. 

Having  a  strong  IT  decision¬ 
making  structure  in  place  can 
force  businesspeople  to  think  of 
IT’s  role  in  the  overall  enter¬ 
prise  (not  just  division  by  divi¬ 
sion).  It  can  also  better  align  IT  strategy  with 
corporate  strategy — making  sure  that  they 
are  one  and  the  same.  Ideally,  senior  man¬ 
agement  is  part  of  that  structure. 

At  financial  holding  company  National 
'City,  Executive  Vice  President  and  CIO  Jim 
Hughes  runs  the  strategic  priorities  com¬ 
mittee,  which  includes  the  company’s 
chairman,  two  vice  chairmen  and  the  heads 
of  each  line  of  business.  The  committee 
meets  monthly  and  reviews  all  upcoming 
and  existing  IT  initiatives.  Hughes  says  he 
iwas  brought  in  as  change  agent  five  years 
ago  to  redefine  how  IS  worked  and  to  over¬ 
come  “a  lack  of  confidence  in  the  IS  organ¬ 
ization  to  deliver.”  One  of  the  ways  he  did 
;  jso  was  by  redesigning  the  committee  to 
include  its  current  makeup.  By  working 
(closely  with  the  business,  Hughes  says, 
“there’s  been  much  tighter  alignment,  and 
we’re  much  more  strategic  in  the  way  we 
think  about,  plan  and  execute  projects.” 

Successful  governance  doesn’t  require  an 
IT  supergroup.  Divisional  IT  steering  com¬ 
mittees,  made  up  of  senior  leaders  in  each 
division,  are  common  in  decentralized  com¬ 
panies.  At  drug  maker  Schering-Plough, 
divisional  information  officers  (DIOs)  meet 
regularly  with  their  business  counterparts  in 
the  company’s  four  divisions  (animal/health, 
international,  manufacturing,  and  sales  and 
marketing).  “The  DIOs’  mission  is  to  tightly 
align  the  IT  with  the  business,”  says  Donald 
Lemma,  vice  president  and  CIO  of  the 
Kenilworth,  N.J. -based  company. 

Governance  is  top  of  mind  among  CIOs 
these  days,  Kitzis  says.  And  with  good  reason. 
“If  I  look  at  alignment,  good  governance  and 
involvement  with  the  leadership  team,  the  last 
two  are  absolutely  required  elements.  Align¬ 
ment  is  necessary  but  not  a  sufficient  condition 
for  success,”  Kitzis  says.  (For  more  on  IT 
responsibilities,  see  “Better  Governance”  at 
tmvw.  do.  com/printlinks. ) 


Risk-Taking  (Still)  Encouraged 

Alignment  doesn’t  have  to  mean  you  can’t  take  chances 


Don't  sacrifice  innovation,  high  returns  and  long-term  strategy  by  playing 
too  conservative  a  hand.  CIOs  face  many  a  danger  if  they  focus  too  hard  on 
cost-cutting  and  short-term  payback. 

"I  wonder  whether  or  not  they’re  thinking  as  strategically  as  they  should  be,” 
says  John  J.  Davis,  president  of  John  J.  Davis  &  Associates,  a  CIO  recruitment 
company.  And  it’s  hard  to  argue  that  innovation  suffers  as  companies  cut  back  on 
investing  in  higher-risk  IT  initiatives  with  long-term  ROI. 

John  Hagel,  a  management  consultant  and  author  of  Out  of  the  Box,  says  that 
for  the  past  couple  of  years,  CIOs  ‘‘are  becoming  much  more  risk-averse  and  more 
resistant  to  new  technology.  At  the  same  time,  line  executives  are  becoming  more 
risk-taking,  particularly  if  it’s  [about]  near-term  cost  reduction  opportunities.” 

The  example  Hagel  cites  to  support  his  thesis  revolves  around  Web  services. 
He  has  studied  about  60  deployments  of  Web  services  and  found  the  unexpected: 
Of  those  60,  at  least  two-thirds  were  under  the  CIOs’  radar  screen. 

Hagel  says  that  business  line  managers,  who  need  to  cut  costs  themselves, 
fear  that  risk-averse  CIOs  might  put  the  kibosh  on  their  Web  services  requests. 
So  to  get  more  functionality  from  the  systems  they  already  have  in  place  and  con¬ 
nect  more  effectively  with  business  partners,  the  business  line  managers  are 
going  it  alone. 

Such  deployments  present  a  host  of  lost  opportunities  for  CIOs;  but  there  are 
ways  CIOs  can  get  their  groove  back. 

“Many  of  the  nontechnology  business  leaders  driving  this  are  feeling  very 
exposed.  They  know  [Web  services]  is  not  very  mature  and  that  there  are  ques¬ 
tions  of  security  and  scalability.. .so  they  know  they  are  taking  real  risks  here,” 
says  Hagel.  “It  would  behoove  CIOs  to  become  [greater]  champions  of  this  tech¬ 
nology  and  collaborate  with  business  colleagues  to  harness  value.” 

Also,  CIOs  could  be  very  helpful  in  ensuring  that  line  executives  deploy  the  tech¬ 
nology  in  the  areas  that  would  have  the  highest  impact  for  the  enterprise.  Finally, 
by  proactively  working  with  line  execs,  CIOs  could  ensure  themselves  a  shot  at 
developing  an  architecture  plan  that  takes  Web  services  apps  into  account.  -T.D. 


Assign  direct  reports 
to  be  business  unit 
ambassadors. 

How  can  you  truly  understand 
the  needs  of  a  business — and 
manage  user  expectations — if 
you  don’t  have  an  IS  point  person  wound  as 
tightly  into  that  business  as  a  Greg  Maddux 
curve  ball?  Call  them  relationship  managers 
or  IS  business  partners.  They’re  your  lifeline 
to  the  business  functions.  In  many  compa¬ 


nies,  they  may  report  directly  to  the  CIO  but 
have  a  dotted-line  (and  sometime  direct-line) 
relationship  to  the  head  of  a  business. 

At  Capital  One  Financial,  each  divisional 
CIO  for  the  major  lines  of  business  has  a 
BIO — business  information  officer — who 
works  with  a  business  and  operations  leader 
at  each  line  of  business.  “Any  one  of  the 
three  could  sit  there  in  a  Iseniorl  manage¬ 
ment  meeting,”  says  Gregor  Bailar,  execu¬ 
tive  vice  president  and  CIO,  which  is  a 

www.cio.com  •  JUNE  15,  2003  CIO  75 


Alignment  Tactics 


Common  Ground 

Portfolio  management  lets  CIOs  create  a  shared  view 
of  IT  priorities 


In  a  do-more-with-less  environment,  CIOs  are  put  in  the  position  of  saying  no  to 
new  spending  ideas.  That  makes  it  vital  to  actively  engage  the  business  side  in  IT 
planning.  You  could  consider  it  sharing  responsibility  for  making  hard  choices;  or 
you  could  think  of  it  as  building  a  common  view  of  the  organization’s  priorities. 

One  way  to  immerse  the  business  feet  first  is  through  portfolio  management. 
Using  this  process,  technology  and  business  leaders  identify  the  goals  of  the  busi¬ 
ness,  and  then  use  objective  criteria  to  prioritize  and  manage  projects  to  achieve 
the  highest  value  from  the  IT  portfolio.  All  projects  are  viewed  in  relation  to  one 
another,  not  on  a  standalone  basis.  High-risk  projects  are  balanced  with  low  risk, 
and  short  term  with  long  term.  It  follows  the  same  principles  as  those  employed  in 
managing  a  financial  portfolio.  (For  a  guide,  see  "Portfolio  Management:  How  to  Do  It 
Right"  at  www.cio.com/printlinks.) 

For  example,  you  might  look  at  your  portfolio  and  realize  that  most  of  the  IT  proj¬ 
ects  are  in  sales  and  none  in  manufacturing.  That  might  be  due  less  to  real  needs 
and  more  to  the  fact  that  the  president  of  the  sales  division  is  a  master  at  scoring  IT 
investment  dollars.  A  portfolio  management  approach  attempts  to  take  the  politics 
out  of  investment  decisions  by  taking  a  bird’s-eye  view  of  the  enterprise. 

Chuck  Tucker,  a  Gartner  vice  president  and  executive  programs  research  director, 
says  there  are  two  big  differences  between  the  traditional  way  of  choosing  IT  proj¬ 
ects  and  portfolio  management. 

The  first  is  a  life-cycle  view  of  a  project.  “In  the  past,  once  you  got  approval,  no 
one  looked  at  the  project  again.  You  got  a  blank  check.  Under  portfolio  manage¬ 
ment,  every  time  you  review  the  portfolio— typically  quarterly— you  look  at  every 
project  and  say.  Does  this  still  make  sense?”  If  it  doesn’t,  you  kill  it.  Tucker  says. 

The  second  is  that  looking  at  all  projects  together  allows  you  to  spot  imbalances— 
too  many  high-risk  projects  or,  vice  versa,  too  many  safe  investments.  Using  portfolio 
management,  you  continually  rebalance  the  portfolio  to  ensure  maximum  value. 

The  big  benefit  is  greater  alignment.  Businesspeople  need  to  be  involved  up  front 
to  make  sure  the  business  strategy  drives  the  criteria  for  choosing  projects.  The  pri¬ 
oritization  process  reflects  whatever  the  organization’s  focus  might  be— market 
share,  cost  reduction  or  ROI.  -T.D. 


statement  exemplifying  the  confidence  Cap¬ 
ital  One  has  in  its  BIOs.  “They  need  to  have 
two  hats.  One  is  be  a  relentless  champion 
of  their  business  area,  understanding  that 
business’s  needs.  At  the  same  time,  they  have 
to  see  how  that  impacts  technology.” 

BIOs  are  often  tasked  with  prioritizing  IT 
projects  for  their  divisions  and  working  with 
their  business  counterparts  to  allocate  spend¬ 


ing  and  create  delivery  time  lines  for  projects, 
Bailar  says.  The  goal:  seamless  alignment. 

Sony’s  Milde  pursues  alignment  through 
his  business  account  managers.  “They’re 
sort  of  like  mini-CIOs,”  he  says.  Those  man¬ 
agers  must  have  a  passionate  understanding 
of  their  business;  what  he’s  not  seeking  are 
VoIP  or  database  experts.  It’s  a  process  he 
put  in  place  last  year,  and  he’s  assigned  a 


person  to  run  that  area. 

IT  business  parmer  is  the  moniker  for  the 
aligners  at  Avaya.  And  in  a  slight  twist.  Vice 
President  and  CIO  Mike  Crowley  is  look¬ 
ing  beyond  IS  at  the  network  equipment 
maker  to  find  talent  for  his  current  crop  of 
seven  business  partners,  and  he  tries  to 
attract  MBAs.  “We’d  like  to  infuse  [our 
group  of  partners  with]  more  people  from 
the  business,”  he  says.  After  all,  an  MBA 
can  be  passionate  about  technology  too. 

HABIT  Join  hands  with 

business  leaders  at 
every  opportunity. 

If  IS  leaders  aren’t  working  side 
by  side  with  business  leaders  to 
I - 1  develop  project  lists  and  budg¬ 

ets,  then  your  alignment  is  only  skin-deep. 

Capital  One  has  a  formal  process  for 
prioritizing  and  developing  projects  from 
the  inception  stage  to  the  approved  stage. 
Projects  come  from  two  directions:  the 
top  of  the  house  (senior  management) 
and  the  business  units.  Bailar  calls  the 
strategic  imperatives  from  senior  man¬ 
agement  “raising  the  octane” — in  other 
words,  they  push  the  bar  up  for  each 
business.  Those  projects  are  funded  first. 
At  the  same  time,  money  is  allocated  to 
the  lines  of  business  for  the  rest  of  the 
technology  budget. 

Capital  One’s  business  information  offi¬ 
cers  work  with  their  business  counterparts 
to  decide  which  projects  are  funded,  sched¬ 
ule  delivery  time  lines  and  so  on.  Bailar  and 
the  BIOs  get  together  every  month  to  do  a 
resource  management  review,  at  which  time 
they  check  in  on  the  status  (including 
resourcing  and  performance  updates)  of  big¬ 
ger  projects.  Taken  together,  Bailar  says,  the 
review  and  prioritization  processes  for  proj¬ 
ects  are  meant  to  align  with  the  business 
imperatives  of  the  company. 

The  DIOs  at  Schering-Plough  meet  with 
business  heads  to  develop  and  prioritize 
projects.  Then  Lemma  and  his  senior  IT 
management  team  do  what  he  calls  a 
smoothing  process,  deciding  which  projects 
are  accelerated,  which  are  pushed  back.  The 


76  CIO  JUNE  15,  2003  •  www.cio.com 


'^<  "'  '  "w  .r 

•;■  I'/ 
-  .WV 

ri^'  ^■5'  7  *  ^  ''M 

%4'‘,-  !>., 

few 


Users  are  frustrated... 

and  every  day  you  spend  more 
not  to  fix  the  problem. 


■■■Hr  *» 


I 


cymbio^ 

byCysive 

You’ve  tried  to  integrate  your  systems,  but 
from  your  user’s  point  of  view,  it’s  still  a  mess. 
They  can’t  find  what  they  need  to  find,  or  do 
what  they  need  to  do.  The  worst  part  is,  it’s 
costing  you  a  fortune  to  frustrate  them. 

Take  a  look  at  Cysive  Cymbio®.  It’s  all  about 
making  your  user  experience  work. 


Download  the  Cysive®  User  Experience 
Management  White  Paper. 

Cysive.com 


Alignment  Tactics 


goal  is  to  arrive  at  the  projects  with  the 
biggest  business  impact  using  the  most  effi¬ 
cient  amount  of  resources. 

However  formal  your  prioritization  and 
I  budget  process  may  be,  don’t  forget  to  make 
sure  the  business  has  a  real  understanding 
of  IT  costs.  “Transparency  is  critical,”  says 
Mike  Ashworth,  CIO  and  managing  direc¬ 
tor  of  J.P.  Morgan  Investment  Bank.  “His¬ 
torically,  at  a  lot  of  tech  organizations  the 
financials  are  very  opaque;  people  couldn’t 
tell  what  was  going  on.”  He  says  that  by 
breaking  out  spending  for  existing  opera¬ 
tions  and  for  investments  in  new  initiatives, 
“people  start  to  understand  what  the  levers 
are  for  making  decisions.” 


5 


HABIT  Advertise  your 

technology  strategy. 

Now  that  you  have  a  good  pri¬ 
oritization  process,  how  about 
taking  it  for  a  stroll  down  Mad¬ 
ison  Avenue?  In  addition  to  let¬ 
ting  the  lines  of  business  know  what  IT  is 
up  to,  you  can  also  spread  it  to  the  masses. 

Mike  Clifford,  vice  president  and  CIO  for 
Whole  Foods  Market,  publishes  a  strategic 
plan  twice  a  year  that  takes  a  three-year 
look  at  the  company’s  business  opportunities 
while  matching  its  IS  capabilities  to  those 
opportunities.  His  employees  generate  the 
content  by  doing  “mind  dumps”  of  what  IT 
projects  they  believe  are  needed  in  the  func¬ 
tional  areas  to  which  they’re  assigned.  Then 
they  review  those  plans  with  their  business 
counterparts,  who  act  as  the  editors.  Every¬ 
thing’s  about  sequencing,  Clifford  says.  “The 
great  idea  in  marketing  may  conflict  with 
the  great  idea  in  purchasing,  and  we  proba¬ 
bly  can’t  afford  to  do  them  at  the  same  time. 
It  does  generate  some  internal  battles  in 


cio.com  Want  to  become  even  more 
highly  effective?  Benefit  from  the  collective 
wisdom  of  your  peers  as  they  tackle 
alignment  and  technical  issues  in  the 
members-only  CIO  BEST  PRACTICE 
EXCHANGE.  If  you  are  a  senior  IT  executive 
at  a  midsize  or  large  organization,  join  for 
free  at  exchange.cio.com. 


78  CIO  JUNE  15,  2003  •  www.cio.com 


Mike  Clifford, 
CIO  at  Whole 
Foods  Market, 
publishes  a 
magazine  twice 
a  year  spelling 
out  strategic 
priorities.  It’s  a 
joint  exercise  for 
both  business  and 
IT  leaders. 

which  my  staff  is  lobbying  for  their  highest 
sequence  item  against  other  groups,  so  that 
makes  it  interesting.” 

Clifford’s  team  then  puts  the  information 
into  a  magazine  format.  “We  write  it  in  a 
chatty  way,  using  great  boxes  that  we  sprin¬ 
kle  throughout  the  document,”  he  says. 

The  IS  group  at  J.P.  Morgan  publishes 
handbooks  that  Ashworth  calls  architectural 
road  maps.  Each  sub-business — about  10  in 
the  investment  bank — publishes  one.  They’re 
created  in  conjunction  with  the  operations  and 
business  groups  in  each  unit.  “They’re  living, 
breathing  checkpoints,”  he  says.  “They  tell 
people  where  we  are  today  and  where  we’re 
going  in  terms  of  application  architecture  in 
sbc-month  chunks.”  He  adds  that  his  group 
tries  to  ensure  projects  don’t  run  beyond  six 
months  without  delivering  payback. 


Opportunities  appear  when  you  put  all 
these  business  product  and  process  pieces  in 
one  place,  Ashworth  says.  “You  see  interest-^ 
ing  issues  between  geographies — ^for  example, 
the  securities  business  in  Europe  might  be! 
more  efficient  than  in  North  America — and 
if  there’s  technology  differences,  we  can  do 
something.  We  also  map  the  operation  costs.! 
That  helps  us  understand  what  we  should  gO; 
after,”  he  says. 

Make  IT  user-friendly. 
For  everyone. 

This  tactic  may  not  explode' 
with  the  force  of  strong  relations 
with  senior  management,  but  it 
certainly  qualifies  as  an  effective 
weapon.  DBS’s  Schafle  refers  to  it  as  “techni-; 
cal  alignment” — making  it  easier  for  business 
customers  to  use  FT  tools. 

Schafle  cites  Web-based  reporting  as  an 
example.  In  the  past,  the  tools  used  to  extract! 
data  to  create  reports,  such  as  OLAP-type 
spreadsheets,  were  controlled  by  IS.  Schafle 
made  it  easier  for  his  customers  by  developing 
DDSreports.com,  a  tool  that  allows  them  to 
extract  data  from  a  repository  and  build  their 
own  reports  in  the  manner  that  suits  them. 
“It’s  their  data,”  he  says.  “Our  job  is  to  pro-; 
tea  it.  That  tends  to  align  you....  It  builds  rap¬ 
port  with  customer  service  reps,  call  center 
reps  and  account  managers.  [They  won’t  have 
to]  fear  coming  to  IS  to  get  information.”  The 
tool  is  now  available  to  external  clients. 

“Selfishly  it  benefits  IS  as  well,”  he  adds. 
“If  someone  is  adept  at  using  an  OLAP  tool,| 
why  should  I  restria  them  from  using  that 
kind  of  capability?”  That  kind  of  thinking 
goes  a  long  way  toward  peace  on  earth  and 
goodwill  toward  IS. 

Nobody  said  being  a  CIO  was  easy,  espe¬ 
cially  when  attempting  to  gratify  insatiable! 
users  with  smaller  and  smaller  slices  of  the! 
IT  pie.  But  by  continually  renewing  and 
refreshing  your  relationships  with  the  busi-l 
ness  side  of  the  house,  you  can  ensure  that; 
nobody  goes  hungry — or  if  they  do,  at  least 
they  understand  why.  QQ 


Reach  Senior  Editor  Todd  Datz  at  tclatz@cio.com. 


Pronto 

101011010110 

Guten  Ta^f 

101101101010 

Halla 

001101100101 

Alo 

101110110101 

101101111010 

Hallo 

101101110101 

Bg 

001101100101 

Hello 

011010110111 

Alld 

101110110101 

im 

001110101101 

Guten  Ta^ 

101011110010 

Halla 

001101100101 

Pronto 

011010110111 

101110110101 

Halla 

101110110101 

011001101111 

Alo 

101000010111 

Haloo 

100101111010 

Halla 

101011010111 

101101110101 

Pronto 

101101110101 

Halla 

101011010111 

Bg 

001101100111 

Alo 

101011010111 

Haloo 

101101110101 

101101110101 

Hello 

101010101101 

Alld 

101101110101 

Wift 

001101100111 

Guten  Ta^ 

101110110101 

Halla 

101101010101 

101011011011 

Pronto 

001101110101 

Hallo 

101011010111 

Alo 

101101110101 

101101110101 

Haloo 

101011010111 

Aid 

101101110101 

>  When  ail  your  business  VOICE  SERVICES  and  your  business  DATA  SERVICES  come  from  one  company  on  one  oflobal  network,  they  work  better  TOGETHER. 

- ^ 

MCI. 


Call  for  service  availability. 


www.mci.com 


The  coauthor  of  Unleashing  the  Killer  App 
deconstructs  the  new-order  IT  architecture 
that  will  connect  tomorrow’s  information 
supply  chain 


Larry  Downes,  chairman  of 
the  Larry  Downes  Consult¬ 
ing  Group  in  Berkeley, 

Calif.,  is  author  of  The 
Strategy  Machine:  Building 
Your  Business  One  Idea  at 
a  Time  and  coauthor  of 
Unleashing  the  Killer  App: 
Digital  Strategies  for  Mar¬ 
ket  Dominance.  He  has 
held  faculty  appointments 
at  the  University  of  Chicago 
Graduate  School  of  Busi¬ 
ness  and  Northwestern 
University  School  of  Law, 
where  he  taught  courses 
on  corporate  strategy  and 
technology  law. 


PHOTO  BY  ROBERT  ALTMAN 


Essay 


Future  Architecture 


AS  WE  CONTINUE  TO  SHOVEL  AWAY  THE  DEBRIS  FROM  THE  Y2K 

and  Internet  buying  binges  of  a  few  years  ago,  CIOs  in  a  variety  of  industries  are  discovering  some¬ 
thing  remarkable.  Beneath  the  rubble,  a  dramatically  different  model  for  business  computing  is 
emerging,  as  different  from  today’s  architecture  as  was  the  shift  from  mainframes  to  client/server 
in  the  1980s.  Whereas  PCs  made  it  possible  to  distribute  both  applications  and  data  closer  to  their 
users,  the  next-generation  architecture  will  distribute  even  smaller  units  of  software  over  the  Inter¬ 
net,  not  just  to  distant  users  but  to  destinations  such  as  equipment  on  the  factory  floor  and  pack¬ 
ages  on  store  shelves.  That  capability  will  create  a  new  class  of  information  products  and  services 
that  will  interact  with  each  other  across  organizational  boundaries  using  sophisticated  messaging 
and  security  protocols.  Data  processing  will  become  even  more  tightly  connected  to  business 
processes,  designed  to  scale  up  or  down  quickly  as  conditions  require,  supported  by  new  kinds  of 
outsourcing  relationships  with  hardware,  software  and  communications  vendors.  Sports  fans 
might  think  of  it  as  “extreme  computing.” 


The  individual  movements  that  fuel  this  next-generation  architec¬ 
ture  scenario  have  been  percolating  for  some  time.  But  it’s  their  com¬ 
ing  together  within  the  next  two  to  five  years  that  will  create  the 
profound  new  landscape  in  which  companies  will  do  business.  Orga¬ 
nizations  adopting  next-generation  architecture  will  realize  substan¬ 
tial  reductions  in  development  and  maintenance  costs,  and  participate 
in  new  forms  of  information  exchange  up  and  down  the  supply 
chain  that  will  create  new  sources  of  value. 

The  good  news  is  that  much  of  the  investment  you’ve  made 
in  the  past  five  years  in  networks,  hardware  and  applications 
will  turn  out  to  yield  unexpected  dividends  as  part  of  this  new 
architecture — not  just  productivity  savings  but,  more  impor¬ 
tant,  competitive  advantage  and  perhaps  even  new  products 
and  services. 

The  bad  news  is  that,  like  earlier  large-scale 
shifts  in  computing  architecture,  the  transition 
will  be  accompanied  by  plenty  of  trauma.  To 
take  maximum  advantage,  your  company  will 
need  to  make  more  investments  in  infrastruc¬ 
ture,  rethink  some  applications  and  gear  up 
for  a  major  transformation  of  your  IT  skills. 

The  next-generation  architecture  emerges 
from  the  intersection  of  three  important  trends 
in  business  computing: 

Cheap  computing.  Following  Moore’s  Law, 
computing  power  continues  to  get  dramatically 


faster,  cheaper  and  smaller  all  the  time.  Not  only  can  computers 
do  more  things,  more  things  can  be  turned  into  computers, 
including  consumer  electronics,  appliances  and,  increasingly, 
individual  products  and  packaging. 

Distributed  processing.  Applications  are  being  distributed  clos¬ 
er  and  closer  to  the  business  functions  they  support,  another  long¬ 
standing  trend.  In  the  coming  wave  of  distribution,  processing 
will  move  away  from  human  users  to  the  objects  in  a  commercial 
transaction.  It  won’t  be  the  driver  of  the  truck  who  scans  the 
package  and  uploads  the  data,  in  other  words,  but  the  package 
itself,  which  will  send  data  continuously  throughout  its  lifetime. 
A  new  set  of  business  relationships  will  run  parallel  to  the  move¬ 
ment  of  goods  and  services,  collecting  and  communicating  infor¬ 
mation  about  every  stage  of  every  transaction — an  important 
byproduct  of  the  next-generation  architecture  I 
have  called  the  “information  supply  chain.” 

Openness.  Turbo-charging  these  dramatic 
changes  is  one  unexpected  development  of  the 
past  decade:  the  unprecedented  spread  of  TCP/IP, 
XML,  MP3,  and  other  nonproprietary  network¬ 
ing  and  data  communications  standards  known 
collectively  as  the  Internet.  Despite  the  dotcom 
meltdown,  open  data  communications  standards 
continue  to  evolve  and  take  hold,  creating  the 
foundation  for  some  of  the  most  exciting  new 
applications  of  next-generation  computing. 


Reader  ROI 

►  The  seven  elements 
of  next-generation 
IT  architecture 

►  How  tomorrow’s 
architecture  will 
create  new  value 
for  companies 

►  What  CIOs  should 

.  do  now  to  prepare 


I 


I 


I 

i 

1 


www.cio.com  •  JUNE  15.  2003  CIO  81 


Essay  |  Future  Architecture 

Seven  Pillars  of 
Architecture 

The  next-generation  architecture  is  made  up  of  the  following  seven 
key  elements. 

Reusable  software  components.  Appii 

cation  software  will  continue  to  grow  away  from  the  mono¬ 
lithic,  hard-to-maintain  masses  of  code  we’ve  known  in  the 
.  1  past  toward  smaller  components  that  communicate  with  each 
other  to  complete  particular  tasks.  Generic  and  company-specific  ele¬ 
ments  can  be  mixed  and  matched  without  undermining  the  overall 
design.  Instead  of  exchanging  data  using  brittle  application  program 
interfaces,  applications  will  exchange  standard  documents  such  as 
orders  and  invoices  and  extract  the  data  they  need  behind  the  firewall. 

Enabling  technology:  Object-oriented  software.  Object- 
oriented  design  tools  and  execution  environments,  such  as 
Microsoft’s  Visual  Studio,  will  replace  traditional  development 
and  run-time  environments  with  comprehensive  programming, 
testing  and  operating  environments,  and  manage  large  libraries  of 
code.  Nonprofit  organizations  including  the  insurance  industry’s 
Association  for  Cooperative  Operations  Research  and  Develop¬ 
ment,  as  well  as  software  vendors  such  as  customer  management 
provider  Chordiant  Software,  are  building  document  and  process 
objects  that  are  understandable  within  industries  and  functions. 
Another  consortium,  XML  Common  Business  Library,  is  work¬ 
ing  on  a  standard  for  XML  documents  that  cross  industries.  We 
will  finally  overcome  the  long-standing  limitations  of  object- 
oriented  tools’  performance,  functionality  and  critical  mass  of 
users.  The  solution  is  coming  in  part  from  the  rapid  increase  in 
computing  power  of  both  servers  and  client  devices  to  fuel  the 
added  processor  requirements  of  the  object-based  approach,  and 


in  part  from  major  commitments  by  leading  software  vendors  to 
build  robust  development  tools  and  run-time  environments. 
Principally,  the  big  vendor  battle  is  between  Microsoft,  with  its 
largely  proprietary  .Net  Web  services,  and  IBM’s  on-demand 
computing  platform  based  on  Linux  and  Websphere  open  sys¬ 
tems.  Who  will  win?  IBM  is  betting  heavily  on  the  open  architec¬ 
ture  of  Linux,  which  has  fans  in  the  developer  community. 
Microsoft  is  targeting  the  installed  base  of  Windows  users,  hop¬ 
ing  to  bring  them  onto  the  next-generation  platform  gradually. 
For  now,  both  companies  need  to  do  a  better  job  of  making  the 


business  case  from  the  customer’s  point  of  view,  especially  those 
already  under  pressure  to  reduce  IT  spending  growth  and  focus 
on  short-term  productivity  gains. 

Key  impact;  Software  development  becomes  a  cottage  industry. 
Users  will  buy  software  in  pieces — some  from  traditional  applica¬ 
tion  and  systems  software  vendors  and  others  from  companies  spe¬ 
cializing  in  particular  business  functions,  for  example,  credit  scor¬ 
ing  or  industry-specific  legal  compliance.  Companies  will  also 
write  their  own  modules  for  activities  in  which  they  already  enjoy 
a  competitive  advantage,  eliminating  the  painful  and  unsatisfying 
make-or-buy  dichotomy  of  today’s  environment.  Open-source 
enthusiasts,  both  at  the  system  and  application  software  level,  will 
accelerate  the  spread  of  reusable  and  extendible  code. 

t  Openness.  To  maximize  companies’  abilities  to  col¬ 
laborate  both  inside  and  outside  the  organization,  we  will 
build  software  and  networks  on  open  standards  for 
process,  data,  user  interface  and,  most  important,  infor¬ 
mation  exchange. 

Enabling  technology:  Standards,  In  addition  to  the  next  gen¬ 
eration  of  existing  Internet  standards,  including  XML,  open 
architectures  will  play  a  dominant  role  for  lower-level  operating 
systems,  such  as  Linux,  as  well  as  higher-level  application-to- 
application  interaction.  Over  time,  application  vendors  will  build 
on  emerging  standards  to  create  higher-level  rules  for  inter¬ 
changeable  business  documents  and  processes  for  managing 
them.  Industry  and  vendor  consortia  such  as  the  Web  Services- 
Interoperability  Organization  (WS-I),  supported  by  BEA  Systems, 
IBM,  Microsoft  and  others,  as  well  as  the  Universal  Business 
Language  promoted  by  Commerce  One,  SAP,  Sun  and  others  are 
vying  to  create  the  winning  combination  of  standards  and  appli¬ 
cations.  Each  group  has  a  slightly  different  definition  of  openness, 
but  all  the  participants  understand  that  they  can  sell  new  prod¬ 


ucts  and  services  to  users  only  when  collaboration  across  the  sup¬ 
ply  chain  becomes  cheap  and  standardized.  Industry-led  groups 
such  as  MIT’s  Auto-ID  Center,  which  is  developing  open  stan¬ 
dards  for  electronic  product  codes,  and  the  Uniform  Code 
Council,  which  is  developing  business  data  standards  using 
XML,  will  likewise  play  power  broker  roles  in  establishing  com¬ 
mon  ground  across  platforms,  industries  and  companies. 

Key  impact:  The  data  warehouse  will  become  the  data  retailer. 
Open  standards  will  make  it  possible  to  unlock  the  potential  of 
corporate  information  trapped  in  your  unwieldy  or  inaccessible 


The  struggle  to  arrive  at  a  common,  open  standard  infrastructure 
will  be  long  and  complicated,  but  ultimately  a  combination  of 
public,  private  and  consumer  interests  will  force  a  resolution. 


82  CIO  JUNE  15.  2003  •  www.c/o.com 


DOWNLOAD  THE  ONLINE  WHITE  PAPER,  "SAIT  -  A  TAPE  TECHNOLOGY 
FOR  THE  21ST  CENTURY"  AT  WWW.SAITTAPE.COM 


smoM 


MEDICAL 


GOVERNMENT 


SECURITY 


©2003  Sony  Electronics  Inc.  AU  rights  reserved.  Reproduction  in  whole  or  in  part  without  written  permission  is  prohibited.  Features  and  specifications  are  subject  to  change  without  notice.^^^. 

Sony  and  PetaSite  are  trademarks  of  Sony.  AU  other  trademarks  are  property  of  their  respective  owners. 


Lots  of  solutions  look  good  today.  But  where  wilt  they  be 
years  from  now?  With  the  flood  of  corporate  data  constantly 
rising,  you  need  more  than  a  tape  storage  "roadmap."  You 
need  the  smartest,  best-researched,  highest-capacity  path 
to  the  future.  And  that's  SAIT. 

SAIT  achieves  a  whopping  1.3  terabytes  of  compressed 
storage.  In  comparison,  SDLT  and  LTO  Ultrium®  aren't 
scheduled  to  exceed  this  capacity  until  2006,  by  which 
time  SAIT  will  have  still  higher  capacity. 

Sony  paid  careful  attention  to  your  enterprise  storage  needs 
and  SAIT  delivers.  Here's  lower  cost  per  gigabyte.  Simplified 
data  management.  Proven  technology.  An  industry-standard 
form  factor.  And  a  credible  roadmap  from  the  world  record 
holder  in  tape  storage  density,  Sony. 

SAIT.  Smart  today.  Brilliant  tomorrow. 

Work  Smart.  Work  Sony. 


THE  TIME  TO  THINK 
ABOUT  BUYING  TAPE 
STORAGE  IS  2006. 


Essay 


Future  Architecture 


databases.  More  data  and  tools  for  sharing  it  will  lead  to  new 
sources  of  productivity  within  your  company,  such  as  business 
intelligence,  and  new  sources  of  profitability  outside  your  organi¬ 
zation.  For  example,  consolidated  data  from  similar  products  or 
data  from  across  the  supply  chain  can  provide  invaluable  market 
research,  which  you  can  use  to  improve  pricing,  promotion,  new 


are  specific  to  the  device  and  transparently  obvious  to  the  user. 

Key  impact:  Collaboration  becomes  device-independent. 
Recognizing  that  different  users  will  interact  with  applications 
using  a  wide  range  of  devices  (many  yet  to  be  invented),  interfaces 
will  evolve  from  hard-coded  dialogues  to  real-time  requests  for 
information  formatted  and  presented  in  ways  meaningful  to  the 


The  information  supply  chain  will  begin  to  function  as  an 
independent  source  of  revenue,  generating  invaluable  data  about 
product  performance,  consumer  behavior  and  logistics. 


product  development  and  maintenance.  Even  a  few  new  connec¬ 
tions  (perhaps  to  your  closest  trading  partners — key  suppliers  and 
major  customers)  will  add  tremendous  value,  but  the  biggest  gains 
won’t  come  until  major  participants  across  the  supply  chain  make 
the  switch.  The  struggle  to  arrive  at  a  common  infrastructure  will 
be  long  and  complicated,  but  ultimately — think  railroad  gauges, 
electrical  outlets  or  even  rules  for  driving — a  combination  of  pub¬ 
lic,  private  and  consumer  interests  will  force  a  resolution.  For 
now,  most  CIOs  should  avoid  committing  irreversibly  to  any  one 
of  the  competing  efforts,  but  should  watch  the  Darwinian  strug¬ 
gle  carefully,  experiment  when  possible  and  adopt  particular  solu¬ 
tions  when  the  business  case  justifies  doing  so. 

Adaptable  interfaces.  One-size-fits-none  user 

interfaces  will  evolve  into  device-independent  interactions 
that  can  be  customized  by  users  or  by  the  application  itself 
as  it  learns  how  different  users  want  to  send  and  receive 
information.  The  same  user  will  take  on  different  profiles  depending  on 
the  device  she  is  using  at  any  given  time,  be  it  a  PC,  telephone,  PDA  or 
cell  phone.  In  many  cases,  devices  will  communicate  directly  with  each 
other  without  the  intervention  of  a  user.  Next-generation  interfaces 
will  be  as  different  from  today’s  icon-and-window  model  as  that  par¬ 
adigm  was  from  the  C  prompt  of  DOS. 

Enabling  technology:  Consumer  electronics.  During  the  past 
10  years,  computing  has  increasingly  migrated  to  noncomputer 
devices  made  and  marketed  by  consumer  electronics  companies, 
the  best  of  which  are  experts  at  creating  natural  man-machine 
interactions.  Manufacturers  of  video  game  consoles,  digital  video 
recorders  and  cellular  technologies  under¬ 
stand  that  consumers  need  limited  but  rel¬ 
evant  information  at  home  or  on  the  road, 
even  if  the  same  consumer  becomes  a 
power  user  of  more  complicated  applica¬ 
tions  back  at  the  office.  These  devices  offer 
far  fewer  options  than  a  desktop  comput¬ 
er,  but  appropriately  so,  and  they  will 
point  the  way  to  effective  interfaces  that 


device  and  the  role  of  the  user  at  any  given  time.  Because  of  those 
more  natural,  adaptive  interfaces,  the  interaction  you  have  with 
customers,  suppliers  and  employees  will  become  truly  collabora¬ 
tive  in  nature. 

On-demand  scalability.  To  better  handle 

the  rapid  pace  with  which  global  businesses  buy  and  sell 
major  assets,  the  next-generation  architecture  will  be 
capable  of  rapidly  adding  or  removing  capacity  and  con¬ 
necting  or  disconnecting  operating  units  without  breaking  the  net¬ 
work,  applications  or  databases. 

Enabling  technology:  Computing  on  demand.  Building  on  the 
component  software  architecture  and  open  standards  founda¬ 
tion,  the  next-generation  platform  will  lead  to  new  forms  of  out¬ 
sourcing.  Not  only  will  some  applications  be  handed  over  to  serv¬ 
ice  providers,  but  so  too  network,  processing  and  data  storage. 
(Securing  that  interaction  is  another  feature  of  the  next-genera¬ 
tion  architecture;  see  key  element  six.)  IT  services  companies, 
including  CSC,  EDS  and  IBM,  already  control  computer  opera¬ 
tions  for  global  businesses  and  are  investing  today  in  computing 
centers  that  can  quickly  switch  on  or  off  major  resources  as  the 
business  needs  of  their  customers  change.  The  component-based 
software  architecture,  at  the  same  time,  will  allow  companies  to 
keep  operating  assets  loosely  coupled,  making  it  easier  to  add  or 
remove  them.  (For  more  on  utility  computing,  see  “Plug  and  Pay” 
at  www.cio.com/printlinks.) 

Key  impact:  IT  will  adapt  to  your  company  rather  than  the 
other  way  around.  Today,  one  of  the  major  costs  in  both  time  and 

dollars  of  mergers  and  divestitures  is  the 
fragility  of  mission-critical  IT  systems. 
With  an  infrastructure  built  on  open  stan¬ 
dards  and  supported  by  on-demand 
resources,  the  scalable  company  will  be 
able  to  plug  and  unplug  divisions  and 
even  acquire  competitors  without  having 
to  wait  for  applications  to  catch  up  with 
the  changes  a  year  or  two  later.  Having 


How  are  you  positioned  for  a 
large-scale  shift  in  computing 
architecture?  Through  July  3, 
tell  Larry  Downes  what  you 
think  in  ASK  THE  SOURCE  at 
www.cio.com/ask.  _ _ 

cio.com 


84  CIO  JUNE  15,  2003  •  www.cio.com 


converted  to  a  standardized  application  and  desktop  environ¬ 
ment  in  the  late  1990s,  oil  giant  BP,  for  one,  has  leveraged  that 
investment  to  simplify  its  acquisitions  of  Amoco  and  Arco,  and  it 
now  runs  the  business  of  its  former  competitors  on  its  cheaper 
and  more  reliable  platform.  The  Amoco  takeover  was  completed 
nearly  a  year  ahead  of  schedule,  in  part  because  BP  simply 
replaced  Amoco  applications  and  hardware  with  its  own  stan¬ 
dardized  environment. 

Compartmentalized  application  com- 

ponents.  Following  a  long-standing  trend  toward  sep- 
aration  of  data  structures,  application  logic  and  user 
interfaces,  next-generation  applications  will  manage  each 
component  independently,  making  modifications  far  simpler.  The  job 
of  enhancing  the  next  generation  of  legacy  software  will  not  be  met 
with  the  same  dread  it  is  in  today’s  environment,  where  even  a  small 
change  can  ripple  through  to  hundreds  of  other  programs,  files  and 
screen  layouts. 

Enabling  technology:  Web  services.  Though  poorly  under¬ 
stood,  the  true  promise  of  Web  services  will  be  to  simplify  not 
only  application  development  but,  more  important,  application 
maintenance.  In  the  model  for  Web  services  developed  by  vendors 
participating  in  WS-I,  small  software  modules  located  anywhere 
on  the  Web  will  be  able  to  interact  with  each  other  using  standard 


ment  time,  cost  and  operations  overhead,  and  it’s  succeeding 
despite  being  in  a  ruinous  vertical  industry.  (For  more  about  the 
airline,  see  “JetBlue  Skies  Ahead”  at  www.cio.com/printlinks.) 

Built-in  security.  External  threats  to  systems 

security,  coupled  with  growing  consumer  privacy  concerns, 
will  figure  prominently  in  the  design  and  operation  of 
next-generation  systems,  with  likely  involvement  by  vari¬ 
ous  governmental  agencies  from  state  to  international  levels  (likely 
spurred  on  by  privacy  lawsuits).  Since  next-generation  applications 
will  reach  much  deeper  into  day-to-day  activities  of  consumers,  busi¬ 
nesses  and  governments,  they  will  require  built-in  safeguards  far 
beyond  passwords  and  physical  security. 

Enabling  technology:  Agent-based  computing.  Monitoring 
software  will  run  side-by-side  with  applications  to  test  the  valid¬ 
ity  of  every  request  over  the  global  open  network  of  integrated 
applications.  Each  transaction  will  carry  its  own  encrypted  secu¬ 
rity  profile  and  generate  a  secured  audit  trail.  Autonomous  soft¬ 
ware  using  agent  technology  will  negotiate  in  the  background  to 
ensure  that  interactions  in  the  open  marketplace  of  Web  services 
follow  the  rules.  The  same  technology  will  be  used  to  manage  the 
millions  of  interactions  taking  place  across  the  network,  perhaps 
supported  by  regulated  service  providers  that  offer  secured  audit 
trails  and  public  records. 


The  most  important  technique  for  managing  uncertainty 
and  hedging  against  the  risk  of  disruptive  change  is  to  adopt  a 
portfolio  approach  to  IT  investments. 


protocols,  making  it  possible  to  cobble  together  computer  sys¬ 
tems  that  reflect  the  needs  of  your  organization,  even — perhaps 
especially — as  those  needs  change.  Your  IT  organization  will  only 
have  to  worry  about  the  pieces  that  describe  functions  specific  to 
your  business.  (Eor  more  on  Web  services,  see  “Web  Services:  Still 
Not  Ready  for  Prime  Time”  at  www.cio.com/printlinks.) 

Key  impact:  Ownership  of  key  IT  components  will  migrate  to 
the  organization  best  suited  to  develop  them.  In  the  rush  to  pre¬ 
sent  users  with  Web-based  interfaces — and  with  few  development 
tools  available — most  companies  built  first-generation  Internet 
applications  that  hopelessly  entangled  data,  logic  and  interface. 
Connecting  the  new  software  to  existing  systems  proved  difficult, 
and  adding  new  functionality  or  taking  advantage  of  new 
Internet  technologies  proved  even  harder.  Most  companies  will 
start  over  in  the  next  two  years,  adopting  a  ruthless  insistence  on 
true  separation.  Once  they  do,  the  Web  services  model  will 
flower.  Some  companies  aren’t  waiting.  Startup  airline  JetBlue 
has  built  all  its  systems  from  scratch  using  Microsoft’s  .Net  envi¬ 
ronment.  The  company  claims  dramatic  reductions  in  develop- 


Key  impact:  The  integrity  of  data  will  become  a  matter  not  of 
engineering  but  of  public  policy.  Capability-based  technology  for 
securing  systems,  along  with  encryption  techniques,  must  be 
introduced  into  next-generation  applications  and  designed  into 
the  highest  levels  of  your  network.  The  combination  of  anxiety 
over  global  terrorism,  the  increasingly  open  exchange  of  data 
between  participants  in  the  supply  chain,  and  the  growing  unease 
among  consumers  about  the  collection  and  use  of  personal  infor¬ 
mation,  will  move  security  to  center  stage,  where  regulatory 
agencies,  legislators,  lobbyists  and  courts  will  play  a  prominent 
role  in  design. 

Disposable  computing.  As  the  cost  of  com¬ 
puting  continues  to  decrease,  it  will  become  cost-effective  to 
introduce  some  level  of  intelligence  to  each  individual  item 
in  commerce.  The  Auto-ID  Center  at  MIT  estimates  that 
about  a  trillion  new  Internet-friendly  “devices”  will  be  added  to  the 
network  in  the  next  10  years,  with  chips  and  radio  transmitters  sim¬ 
ply  included  as  part  of  a  product’s  basic  packaging. 


WWW. c  10. com  •  JUNE  15,  2003  CIO  85 


Essay 


Future  Architecture 


Enabling  technology:  Moore’s  Law  again.  Today,  companies 
including  Wal-Mart,  Procter  &  Gamble  and  Gillette  are  experi¬ 
menting  with  cheap  electronic  product  codes  that  transmit  data 
using  radio  frequencies.  The  emerging  standard  will  assign  every 
item — not  just  every  SKU — with  a  unique  identifier.  And  an 
Internet  address. 

Key  impact;  The  information  supply  chain  is  completed.  The 
emergence  of  disposable  computing  will  test  the  scalability,  flexi¬ 
bility  and  security  of  next-generation  architecture  by  flooding  it 
with  trillions  of  new  transactions,  sending  and  receiving  small 
amounts  of  data  that  track  the  flow  of  goods  and  services  through¬ 
out  the  supply  chain.  As  more  and  more  data  becomes  available  in 


From  a  technology  standpoint,  the  most  important  technique 
for  managing  uncertainty  and  hedging  against  the  risk  of  dis¬ 
ruptive  change  is  to  adopt  a  portfolio  approach  to  IT  invest¬ 
ments.  The  most  common  mistake  companies  make  during  slow 
periods  is  to  terminate  any  project  that  will  take  more  than  a  few 
months  to  pay  off — effectively  shorting  the  future.  (For  more  on 
IT  portfolio  management,  see  “Portfolio  Management:  How  to 
Do  It  Right”  at  www.cio.com/printlinks.) 

You  must,  of  course,  spend  most  of  your  IT  dollars  on  running 
the  business,  but  you  also  have  to  spend  to  change  the  business. 
Divide  your  budget  into  short-,  medium-  and  long-term  projects, 
and  agree  with  the  rest  of  your  executive  team  on  an  appropri- 


You  must  educate  industry  groups  and  trade  associations 
on  the  long-term  benefits  of  'obust  data  exchange  across  the 
supply  chain  so  they  in  turn  can  head  off  as  many  regulatory 
disasters  as  possible. 


usable  forms — particularly  data  generated  after  a  product  leaves 
the  store — ^the  “information  supply  chain”  will  begin  to  function  as 
an  independent  source  of  revenue,  generating  invaluable  data 
about  product  performance,  consumer  behavior  and  logistics. 
Look  for  forecasting  applications — which  today  rest  on  shaky 
assumptions — to  become  scientific  and  reliable.  Bundling  informa¬ 
tion  services  with  physical  products  such  as  smart  appliances  will 
be  another  key  source  of  new  value.  The  understandable  concerns 
of  consumers  over  data  privacy  will  be  resolved  along  the  way, 
largely  by  consumers  sharing  in  the  value  derived  from  the  use  of 
their  data.  Today,  grocery  stores  trade  significant  price  discounts 
for  consumer  data  using  preferred  shopper  identification  cards. 

NowWhat? 

Companies  that  have  the  most  to  gain  from  the  information  supply 
chain  are  retooling  right  now  for  the  next  generation,  even  when 
doing  so  requires  significant  investments  during  challenging  eco¬ 
nomic  times.  Amazon.com,  for  example,  embraced  open  source  in 
2002,  converting  from  Sun’s  proprietary  operating  system  to  Linux. 
The  switch  is  simplifying  the  process  by  which  freelance  retailers 
known  as  Amazon  associates  can  build  links  to  Amazon  applications 
into  their  websites,  using  Amazon’s  payment,  fulfillment  and  cus¬ 
tomer  service  without  actually  installing  the  software. 

So  the  real  question  now  is  not  whether  but  when  the  next 
generation  will  become  your  computing  architecture.  More  to 
the  point,  given  some  unavoidable  uncertainty  about  how  quick¬ 
ly  the  next  generation  will  arrive,  what,  if  anything,  should  you 
do  now  to  prepare  for  the  change  and  help  your  company  prof¬ 
it  from  its  potential? 


ate  ratio  among  them  (perhaps  a  percentage  allocation  of  75-15- 
10).  Then  stick  to  the  ratio  whether  the  budget  goes  up  or  down. 

At  the  same  time,  bear  in  mind  that  the  real  obstacles  to 
adopting  next-generation  architecture,  as  in  previous  transitions, 
will  be  more  organizational  than  technical.  Mastering  the  seven 
elements  of  the  next-generation  architecture  will  challenge  IT 
professionals  to  not  only  cultivate  new  technical  skills  but  to  also 
foster  a  better  understanding  of  their  companies’  business. 
Capturing  complex  processes  in  code  and  identifying  opportuni¬ 
ties  for  profit  from  new  data  sources  will  work  only  if  the 
boundaries  between  IT  and  users  are  as  permeable  as  the  data 
that  is  free-flowing  in  the  information  supply  chain. 

As  the  next-generation  model  makes  more  data  available  from 
business  partners  and  consumers,  the  psychology  of  privacy  and 
security  will  take  center  stage.  Data  privacy  and  security  con¬ 
cerns — poorly  understood  today — can  be  solved  but  only  with 
industry  leadership  and  public  education.  Unfortunately,  gov¬ 
ernments  are  shooting  first  and  asking  questions  later,  if  at  all. 
Laws  and  regulations  that  are  being  adopted  in  haste  today  will 
later  prove  to  have  created  more  problems  than  they  solved.  As 
CIOs,  you  must  educate  the  industry  groups  and  trade  associa¬ 
tions  you  belong  to  on  the  long-term  benefits  of  robust  data 
exchange  across  the  supply  chain  so  they  in  turn  can  work  with 
consumer  groups  and  regulatory  bodies  to  head  off  as  many  reg¬ 
ulatory  disasters  as  possible. 

Most  of  all,  keep  your  eyes  open.  Be  ready  to  jump  on  early 
opportunities  to  profit  from  any  of  the  seven  elements  of  next- 
generation  architecture  as  soon  as  you  spot  them.  As  the  come¬ 
dy  team  The  Firesign  Theater  likes  to  say,  “Live  in  the  future.  It’s 
happening  now.”  BE! 


86  CIO  JUNE  15,  2003  •  www.cio.com 


WebSphere  Business  Integration  is  far  and  away  the  leading  integration  software  for  the  on  demand 


era.  Open  and  flexible,  WebSphere  lets  you  model,  integrate  and  manage  all  of  your  business 


processes.  WebSphere  delivers  an  infrastructure  that  quickly  responds  to  change,  meeting  business 
demands,  on  demand.  For  an  Integration  InfoKit  and  case  studies,  visit  ibm.com/websphere/seeit 


IBM,  WebSphere,  the  e-business  logo  and  e-business  on  demand  are  registered 
States  and/or  other  countries.  Certain  information  contained  within  this  adverti 
Summary  2003.”  ©2003  WinterGreen  Research,  Inc.  ©2003  IBM  Corporation.  All 


Srtarks  or  trademarks  of  International  Business  Machines  Corporation  in  the  United 
"ht  is  based  on  results  of  the  WinterGreen  Study,  “Application  Integration  Executive 
3hts  reserved. 


Reality  Bytes 

A  Cold  Look  at  Hot  Trends 


Looking  on 
the  Sunny  Side 

Within  the  gloomy  clouds  of  economic  malaise  glitter 
the  silver  linings  of  cheap  thrills  and  tiny  triumphs 

BY  MEGAN  SANTOSUS 

SHAKESPEARE  JUMPED  THE  GUN.  It  was  the  winter  of  2002-2003 
that  was  truly  the  season  of  our  discontent. 

Unemployment  was  up.  The  trade  deficit  was  up.  Gas  and 
home  heating  oil  prices  were  up.  And  anxiety  over  the  impend¬ 
ing  war  with  Iraq  and  the  threat  of  terrorism  was  way,  way  up. 
About  the  only  things  going  down  were  revenue,  stock  prices, 
retirement  account  balances  and  consumer  confidence. 

An  eternal  pessimist,  I  grudgingly  vowed  this  past  New 
Year’s  to  adopt  a  more  upbeat  attitude.  After  all,  there  are  two 
sides  to  every  coin,  and  the  difference  between  the  happy  and 
well-adjusted  folk  and  those  prone  to  melancholy  and  malaise 
often  comes  down  to  a  mere  shift  in  perspective.  So  in  my  effort 
to  achieve  my  resolution.  I’ve  taken  a  good  hard  look  at  this 
past  winter.  Lo  and  behold,  there  have  indeed  been  a  few  silver 
linings  hiding  inside  those  ominous  black  clouds. 

Reasons  to  Be  Cheerful 

The  airlines.  No  industry  has  suffered  more  directly  from  the 
9/1 1  tragedy  than  the  airlines.  Take  rising  fuel  costs,  the  fear  of 
flying  and  dwindling  corporate  travel  budgets,  and  you  have  a 

88  CIO  JUNE  15,  2003  •  wwvj. do. com 


nice  recipe  for  Chapter  11.  Among  the  big  carriers.  United  Air 
Lines  is  the  leader  on  the  runway  to  oblivion.  To  save  money, 
the  airlines  are  skimping  on  their  already  pathetic  snack  menus 
and  clamping  down  hard  on  carry-ons  by  charging  fees  when 
passengers  exceed  the  limit.  It  says  a  lot  about  the  state  of  the 
industry  when  the  only  bright  spot  is  provided  by  a  plucky 
startup  called  JetBlue. 

From  a  passenger’s  perspective,  howevei;  the  industry’s  strug¬ 
gles  have  resulted  in  certain  fringe  benefits.  With  fewer  pas¬ 
sengers,  there’s  much  less  jostling  for  aisle  seats,  pillows  and 
those  precious  onboard  magazines.  With  the  airline  employ¬ 
ees’  jobs  perhaps  depending  on  whether  you’re  having  a  good 
experience,  everyone  seems  more  than  a  little  bit  friendlier, 
more  eager  to  be  of  service.  And  fewer  passengers  translate  to 
fewer  people  who  are  hypersensitive  to  peanuts.  (Hopefully 
that  means  I  no  longer  have  to  scarf  down  my  candy  bars 


ILLUSTRATION  BY  PEP  MONTSERRAT 


Tivoli  software 


See 

See 


vi  _  -r 

/ 

it  fixed  before  it’s  broken.  ‘ 
the  problem  before  it  occurs.  ^ 
IT  and  business  goals  as  one.  v^ 


i 

4 


Tivoli  Intelligent  Management  software.  It’s  here  now:  software  that  self-configures,  self-heals, 
self-optimizes  and  self-protects.  On  demand.  With  Tivoli,  on  demand  business  is  more  manageable 
than  ever.  You’ll  spend  less  time  worrying  about  mundane  tasks  and  more  time  on  important  things  — 
like  business  results.  For  a  customized  analysis  of  how  Tivoli  can  help  you,  visit  ibm.com/tivoli/seeit 


SsKr'-'- 


IBM,  Tivoli,  the  e-business  logo  and  e-business  on  demand  are  registered  trademarks  or  trademarks  of  International  Business  Machines  Corporation  in  the  United  States 
and/or  other  countries.  ©2003  IBM  Corporation,  All  rights  reserved. 


Reality  Bytes 


furtively  to  avoid  detection  by  the  peanut  police.) 

It’s  said  that  bad  times  bring  out  the  best  in  people,  and  that 
adage  can  be  applied  equally  as  well  to  the  airlines.  The  next 
time  you’re  on  a  flight  and  you  hear  the  attendant  chirping 
over  the  PA,  “Thanks  for  flying  with  us  today,”  you  can  be 
certain  that  these  days  they  actually  mean  it. 

Capital  gains.  For  a  while  there,  around  the  turn  of  the  cen¬ 
tury,  I  actually  entertained  fantasies  of  being  an  amateur  version 
of  Warren  Buffett.  Every  stock  I  bought  recorded  double-digit 
gains  every  few  months.  Everything  was  going  so  well  I  started 
to  worry  about  the  dreaded  capital  gains  tax. 

That  was  then. 

Now,  if  your  investment  portfolio  is  anything  like  mine,  you 
haven’t  seen  a  capital  gain  since  the  third  quarter  of  2001. 
Thankfully,  the  tax  code  provides  some  solace. 


With  regard  to  my  federal  taxes,  I  can  throw  that  Schedule 
D  right  into  my  circular  file.  One  less  tax  form  to  fill  out  and 
double-check  translates  into  almost  three  more  hours  of  qual¬ 
ity  time  I  can  spend  with  my  family.  But  the  real  value  add 
comes  when  it’s  time  to  file  my  state  return. 

Taxachusetts — mean  Massachusetts — has  a  lovely  capital 
gains  formula.  Eorget  about  long-term  gains  and  short-term 
gains,  says  the  Commonwealth.  That’s  for  the  federal  simpletons. 
In  the  land  of  the  bean  and  the  cod,  tax 
rates  for  capital  gains  can  fall  into  a 
handful  of  categories.  For  example,  if 
you’ve  held  a  stock  for  less  than  one  year 
before  selling  it,  you’re  going  to  pay  the 
piper  in  a  big  way.  But  as  one  might 
expect  given  our  frugal  puritan  heritage, 
the  rate  goes  down  according  to  how  long  you’ve  resisted  the 
urge  to  go  wild  and  cash  in.  There’s  one  rate  for  stocks  held  for 
one  year  but  not  more  than  two;  another  for  stocks  held  for 
two  years  but  not  more  than  three.  For  more  than  three  years 
but  not  more  than  four?  Yet  another  rate.  This  goes  on  until 
you’ve  owned  a  stock  for  more  than  six  years.  After  that,  the 
state  stops  torturing  you  and  fixes  the  rate. 

Things  get  really  exciting  when  you  buy  stock  during  several 
years  through  an  automatic  investment  plan  and  then  sell  the 
whole  lot.  When  that  happens. ..well,  that’s  when  a  PhD  in 
finance  comes  in  handy.  But  I  don’t  have  to  worry  about  that 


now.  No  capital  gains  means  me  and  my  calculator  will  remain 
casual  acquaintances  for  the  foreseeable  future. 

Work  ethic.  With  layoffs,  productivity  is  on  the  rise.  Dri¬ 
ven  by  the  fear  that  the  pink  slip  is  in  the  interoffice  mail,  fewer 
people  are  doing  the  work  previously  done  by  many.  (The 
many,  of  course,  already  received  their  pink  slips.)  Conse¬ 
quently,  there’s  a  sense  abroad  that  more  than  ever,  people  are 
keeping  their  noses  to  the  proverbial  grindstone. 

But  layoffs  and  the  fear  they  engender  are  only  part  of  the 
reason  why  employees  are  exhibiting  a  newfound  work  ethic. 
With  401(k)s  and  other  investments  taking  a  beating,  no  one’s 
wasting  their  time  checking  stock  prices  on  the  Internet.  Plus, 
no  raises  and  no  bonuses  have  cut  down  on  online  shopping 
from  the  office.  Truth  is,  there  are  fewer  things  to  distract  us 
from  our  work  in  a  down  economy. 

And  the  biggest  distraction  of  all — the 
promise  of  early  retirement — has  gone  the 
way  of  the  defined-benefit  pension  plan. 
Nobody  expects  to  cash  out  and  hit  the 
links  by  45  these  days.  Indeed,  with  early 
retirement  rapidly  receding  to  pipe-dream 
status,  there’s  a  new  emphasis  on  long-term 
career  planning.  For  people  looking  to 
ensure  their  financial  future,  there’s  a  new 
need  to  buckle  down  and  concentrate  on  getting  ahead.  This 
translates  into  greater  dedication  among  employees  who  realize 
that  the  stock  market  won’t  be  their  ticket  out  of  the  9-to-5 
grind.  To  earn  one’s  keep  by  actually  working  for  it  is  back 
in  vogue. 

On  the  subject  of  working  for  a  living,  that’s  now  something 
vendors  are  doing.  With  the  Y2K  and  Internet  technology  spend¬ 
ing  booms  a  fast-fading  memory,  salespeople  (with  the  exception 

of  Microsoft’s  reps)  had  better  be  hum¬ 
ble.  Even  if,  as  they  say,  the  technology 
sells  itself,  the  reps  still  have  to  work 
harder  because  there’s  less  money  to 
chase.  That  means  they’re  willing  to  cut 
deals  with  CIOs  facing  decimated  budg¬ 
ets.  The  balance  of  power  has  shifted. 
The  vendors  need  the  CIOs  (and  their  money)  more  than  the 
CIOs  need  new  hardware  and  software. 

Now  that  the  northern  hemisphere  is  tilted  toward  the  sun 
(at  least  in  the  northern  latitudes),  let  us  be  of  good  cheer.  The 
business  world  is,  on  aggregate,  poorer  now,  no  doubt.  But  it 
is  probably  saner  too.  And  so,  in  all  likelihood, 
are  you.  BE] 


Opinion  Senior  Editor  Megan  Santosus  is  keeping  her 
nose  to  the  proverbial  grindstone,  but  she’d  be  glad  to 
hear  from  you  at  santosus@cio.com. 


The  next  time  you’re  on  a  flight  and  you  hear  the 
attendant  chirping  over  the  PA,  “Thanks  for  flying 
with  us  today,”  you  can  be  certain  that  these  days 
they  actually  mean  it. 


cio.com  What  are  your  reasons  to 
be  cheerful?  Surely  you  can  come  up  with 
a  few.  Share  them  in  the  ADD  A  COMMENT 
box  at  the  end  of  this  piece  online.  Go  to 
www.cio.com/daily  to  find  the  link. 


9  0 


CIO  JUNE  15,  2003 


www.cio.com 


PHOTO  BY  LESLIE  FEAGLEY 


software 


See  who’s  online  in  real-time.  #5% 

See  knowledge  shared  in  real-time^fS 
See  real-time  teamwork  at  work.  3  m 


Lotus  Instant  Messaging  is  the  leader  in  instant  messaging  for  business.  Lotus  software  lets  you  know 
who’s  available,  on  demand.  It  creates  real-time,  virtual  collaboration,  on  demand.  It  can  create  cost 
savings  and  quicker  response  time  instantly.  Everyone  becomes  more  agile.  Your  communication  is 
more  secure.  Business  advantage  is  immediate.  For  a  Lotus  webcast,  visit  ibm.com/lotus/seeit 
«  ’  business  on  demand  software 


IBM,  Lotus,  the  e-business  logo  and  e-business  on  demand  are  registered  trademarks  or  trademarks  of  International  Business  Machines  Corporation  in  the  United  States 
and/or  other  countries.  Certain  information  contained  within  this  advertisement  is  based  on  results  from  the  Osterman  Study  "Survey  on  Instant  Messaging  Issues"  (9/02), 
which  indicates  that  Lotus  Instant  Messaging  is  the  leading  solution  in  situations  where  an  enterprise  has  settled  on  an  IM  standard.  ©2002  Osterman  Research,  Inc. 
1(12003  IBM  Corporation.  All  rights  reserved. 


Our  award-winning  CIOs  share  ideas 
you  can  use  today,  as  they  tell  us 


What  Works  Now 


Some  of  our  favorite  thought-leaders 
look  Into  the  future,  and  predict 


What  Lies  Ahead 


Create  a  Cutting-Edge  Culture:  Being  innovative  is  more 
important— and  more  challenging— than  ever.  How  can  you 
be  resourceful  and  forward-thinking,  even  in  tough  times? 

Invent  New  Methods  of  Showing  Value:  You’re  under  more 


pressuretoshowthe  value  of  every  IT  dollar.  If  traditional  ROI  metrics  don’twork 
in  your  case  -make  up  your  own.  Two  of  our  winners  did.  Get  Fast  and  Flexible: 
Adapting  and  moving  quickly  on  opportunities  is  a  trait  of  truly  resourceful  orga¬ 
nizations.  Two  winners  turned  adversity  into  advantage,  developing  faster,  more 
flexible  processes.  Motivate  Employees  and  Boost  Morale:  When  the  economy 
enters  a  downward  spiral,  so  does  morale.  Our  winners  share  initiatives  that  help 
keep  their  most  important  resource  happy. 


August  17-19, 2003  j  The  Broadmoor  I  Colorado  Springs,  CO 
To  enroll  I  800.355.0246  1  www.cio.com/conferences 


Your  Hot 
Topics 


Gather  with  fellow 

attendees  to  discuss 

common  problems  and 

possible  solutions. 

■  Designing  for  maximum 
IT  costflexibiiity/agility 

■  Compliance  and  liability:  dealing  with  Sarbanes- 
Oxley  and  Patriot  Act  legislation 

■  Long-term  partnerships: 
negotiating  strong,  mutually 
beneficial  vendor  deals 

■  Bleeding-edge  tech:  lessons 
from  the  front  lines 

■  Ensuring  data  privacy  in  an 
access-hungry  environment 

■  The  CSO  in  you:  howto  be  your 
own  security  watchdog 

■  Buildingthe  next  generation  of 
IT  leaders 

■  Offshore  outsourcing 

■  Navigating  the  landmines  of  mergers/acquisitions 

■  And  more! 


Executive  Mindshare  sessions 

Small  working  groups  of  CIOs 
explore  the  challenges  and  best 
practices  of  specific,  critical 
IT/business  topics. 

Networking  Opportunities 

Make  the  connections  with  other  CIOs  who  can  help 
you  today  and  tomorrow:  take  advantage  of  our  break¬ 
fast  and  lunch  roundtables,  receptions,  and  evening 
dinner  and  hospitalities. 


Presenters 

CIO  100  Winners 

The  best-of-the-best.  Select 
CIO  100  Award  Winners 
share  best  practices  in  lead¬ 
ership  and  resourcefulness. 

Paul  Saffo 

Joins  us  again  as  Sympo¬ 
sium  moderator  and  talks 
about  why  he  thinks  we're  on 
the  verge  of  an  onslaught  of 
technological  innovation 
that  will  affect  every  corner 
of  business  and  society  in 
the  decades  ahead. 

W.  Brian  Arthur 

Citibank  Professor  of  the 
Santa  Fe  Institute  shares  his 
views  on  how  sub  industries 
such  as  genomics,  pro- 
teomics,  financial  engineer¬ 
ing,  nanotechnology  and  the 
like  are  being  born  out  of  IT. 

Howard  Rheingold 

Futurist  and  guru  of  digital 
culture  gives  us  his  observa¬ 
tions  on  the  “Smart  Mob” 
phenomenon. 

Abbie  Lundberg 

CIO  magazine’s  Editor  in 
Chief  hosts  a  panel  of  award¬ 
winning  CIOs.  They'll  share 
how  they've  anticipated  the 
impact  on  their  organiza¬ 
tions  of  the  economic  and 
politcal  events  of  the  past 
two  years  and  how  they  lead 
in  an  age  of  extraordinary 
challenges. 


Leadership  and  Innovation  for  the  Resourceful  Enterprise 


Sponsored  by 

Al^aOM 

APC 

Legendary  Reliability' 

<bmcso  are 

Assuring  Business  Availability* 


4^equant' 

FUflTSU 

Ct 

netSil 

Work  Smarter. 

HrSAVVIS 

THE  NETWORK  THAT  POWERS  WAU  STREET' 

O  SupportSoft 

This  year's  CIO  100  Awards 
Ceremony  is  proudly 
underwritten  by 

PeopleSoft. 


Presented  by 


The  Resource  for 
Information  Executives 


You  ve  Picked 

a  Winner! 


Often  hailed  for  its  preeminence 
as  the  “Pulitzer  Prize  of  the  business 
press,"  the  Neal  Award  is  the 
business  publishing  industry's 
annual  salute  to  individual  editors 
for  outstanding  editorial  excellence. 

*SOURCE:  CIO  READER  PROFILE  STUDY. 

,  MRI.  AUGUST  2002 


CIO  magazine  is  the  proud  recipient  of  the 
prestigious  2003  Grand  Neal  Award—the 
top  editorial  honor  granted  to  one  publica¬ 
tion  from  more  than  1,000  entries  across 
all  categories  and  circulation  sizes.  CIO 
also  won  Neal  Awards  for  “Best  How  To” 
for  the  2002/2003  Year-End  Issue  and 
“Best  Article”  for  “Microsoft’s  New  Sub¬ 
scription  Plan:  CIOs  Just  Say  No.” 

The  Neal  Award  judges  aren’t  the  only  ones 
who  prefer  CIO  magazine.  CIOs  choose  CIO 
as  the  one  publication  they  rely  on  for  in¬ 
sight  and  strategies  for  managing  IT.* 

NOW  THAT’S  WHAT  WE  CALL  AN  AWARD! 


■  ■  ■  ■  The  Resource 

%  j  I  \  f  for  Information 

Executives 


ILLUSTRATIONS  BY  FERRUCCIO  SARDELLA 


Inside 

Under 

Development 

Internet  speed 
record  .........  100 


Edited  by  Christopher 
Lindquist.  Send  your 
thoughts  and  ideas 
for  future  columns  to 
clindquist@cio.com. 


Defensive  Postures 


Intrusion  prevention  systems  offer  the  latest  countermeasures  in  the  war 
against  hackers,  worms  and  viruses  by  dylan  tweney 


THE  SQL  SLAMMER  WORM  began  its  rampage 
shortly  after  midnight  on  Jan.  25,  2003.  Within 
days,  the  insidious  piece  of  code  had  infected 
more  than  120,000  computers,  slowed  Internet 
traffic,  crashed  sites  and  even  disabled  ATMs, 
costing  companies  an  estimated  $1  billion  in  lost 


productivity  worldwide,  according  to  analyst 
firm  Mi2g.  The  irony?  Slammer  exploited  a  vul¬ 
nerability  in  SQL  Server  for  which  Microsoft 
had  already  issued  a  patch — six  months  earlier. 

It’s  not  that  IT  administrators  are  lazy  or  neg¬ 
ligent — it’s  that  locking  down  operating  systems 


Intrusion  prevention. ..Superfast  data  transfers 


WWW. do. com  •  JUNE  15,  2003  CIO  95 


]  Emerging  Technology 


and  applications  has  become  an  almost 
unmanageable  job.  The  CERT  Coordina¬ 
tion  Center  recorded  417  security  vulner¬ 
abilities  in  1999.  By  2002,  there  were 
4,129  new  vulnerabilities. 

This  situation  makes  the  newest  class 
of  security  technologies — intrusion  pre¬ 
vention  systems  (IPSs) — look  pretty  good. 
Supplementing  patches,  firewalls  and 
other  traditional  approaches  to  security, 
an  IPS  can  provide  security  at  the  most 
fundamental  levels:  the  operating  system 
kernel  and  the  network  data  packet.  An 
IPS  can  also  be  cheap  insurance:  Host- 
based  systems  can  cost  as  little  as  a  few 


These  factors  should  spark  significant 
growth  in  the  IPS  space.  Market  research 
company  Infonetics  estimates  the  com¬ 
bined  intrusion  detection  and  intrusion 
prevention  market  will  grow  to  $1.6  bil¬ 
lion  by  2006,  with  IPS  accounting  for  the 
majority  of  the  growth. 

Market  Confusion 

Intrusion  detection  vendors,  such  as  Cisco, 
Internet  Security  Systems  and  SourceFire, 
are  retooling  their  products  to  proactively 
stop  network  attacks.  Checkpoint  and 
NetScreen  are  adding  IPS  capabilities  to 
their  firewalls.  And  dozens  of  smaller  ven¬ 


Locking  down  operating  systems  and 
applications  has  become  an  almost 
unmanageable  job. 


thousand  dollars  per  server,  while  net- 
work-based  IPS  appliances  typically  cost 
between  $10,000  and  $90,000,  plus  on¬ 
going  support  fees. 

“It  makes  sense  to  protect  the  host  so 
that  if  all  else  fails,  it  will  have  a  better 
chance  of  standing  alone  on  its  own  two 
feet,”  says  Bill  Stevenson,  information 
security  officer  for  New  Century  Mort¬ 
gage.  His  company  has  been  using  host- 
based  intrusion  prevention  from  Entercept 
since  late  2000  as  a  major  part  of  the 
back-field  defense  for  its  servers.  So  far, 
it’s  worked:  New  Century’s  IPS  success¬ 
fully  repulsed  Slammer. 

Don’t  Tell  Me,  Fix  It! 

Interest  in  intrusion  prevention  is  increas¬ 
ing,  thanks  in  part  to  a  growing  disen¬ 
chantment  with  intrusion  detection 
systems  (IDSs),  which  notify  administra¬ 
tors  of  attacks  but  don’t  actually  stop 
those  attacks.  Market  maturity  is  also  a 
factor,  as  demonstrated  by  the  acquisition 
of  IPS  company  OneSecure  by  Netscreen 
along  with  planned  acquisitions  by  Cisco 
(of  Okena)  and  Network  Associates  (of 
Entercept  and  Intruvert). 


dors  are  touting  security  add-ons,  secure 
Web  servers  and  even  ordinary  firewalls  as 
“intrusion  prevention  systems.” 

The  result  is  a  confused  marketplace. 
“Since  there  are  so  many  different  ways 
to  detect  an  attack,  it’s  very  unclear  what 
you  mean  when  you  use  a  term  such  as 
intrusion  prevention”  says  Pete  Lind- 
strom,  research  director  for  Spire  Security, 
an  independent  analyst  company. 

Lindstrom  and  other  analysts  differen¬ 
tiate  true  intrusion  prevention  systems 
from  older  technologies,  such  as  firewalls 
and  IDSs,  that  have  been  updated  with 
new  “prevention”  features.  Broadly  speak¬ 
ing,  the  new  crop  of  IPS  products  fall  into 
two  categories:  host-based  intrusion  pre¬ 
vention  (HIP)  products  such  as  those 
offered  by  Entercept,  Harris  and  Okena; 
and  even  newer  network-based  intrusion 
prevention  appliances  offered  by  compa¬ 
nies  including  Intruvert,  OneSecure  and 
TippingPoint. 

Locking  Down  the  Host 

A  HIP  product  protects  servers  and  work¬ 
stations  through  software  agents  that  sit 
between  applications  and  the  OS’s  kernel. 


Intruder  Alert! 

Technology  Intrusion  prevention 
systems 

Anticipated  benefit  Adds  secu¬ 
rity  to  networks  and  computers  by 
intercepting  attacks  before  they 
do  damage. 

Hurdles  Network-based  systems 
may  inadvertently  block  legiti¬ 
mate  traffic.  Host-based  systems 
are  ineffective  against  denial-of- 
service  attacks. 

Estimated  cost  $5,000  to 
$90,000 

Vendors 

Host-based  systems: 

■  Entercept  Security  Technologies 

www.entercept.com 
(Acquisition  by  Network  Associ¬ 
ates  pending  at  press  time.) 

■  Harris  STAT  Neutralizer 

www.statonline.com 

■  Okena  StormWatch  and 
StormFront  www.okena.com 
(Acquisition  by  Cisco  is  pending  at 
press  time.) 

■  Sana  Security 

www.sanasecurity.com 

Network-based  systems: 

■  Captus  Networks 

www.captusnetworks.com 

■  Cisco  Systems  IDS 

www.cisco.com 

■  ForeScout  ActiveScout 

www.forescout.com 

Internet  security  systems: 

■  RealSecure  Network  Protection 

www.iss.net 

■  Intruvert  Networks 

www.intruvert.com 
(Acquisition  by  Network  Associ¬ 
ates  pending  at  press  time.) 

■  Netscreen  Technologies  IDP 

WWW.  netscreen.  com 
(Formerly  OneSecure  IDP.) 

■  TippingPoint  Technologies 
UnityOne  www.tippingpoint.com 


96  CIO  JUNE  15,  2003  •  www.cio.com 


FREE  White  paper! !  ppci:  \n/hitD  nanori 

taoiina  imnfirMi™.  fnr  n,t,  ,  ^11  tt  Wlutfi  papeH  Centers  and  Network  Rooms 


"Cooling  Imperatives  for  Data 
Centers  and  Network  Rooms" 


□  YES!  Please  send  me  my  FREE  white  paper  -  "Cooling  Imperatives  for  Data  Centers 
and  Network  Rooms"  and  InfraStruXure”  brochure. 


Just  mail  or  fax  this  completed 
coupon  or  contact  APC  for  your 
FREE  white  paper  -  "Cooling 
Imperatives  for  Data  Centers 
and  Network  Rooms".  Also 
receive  our  FREE  InfraStruXure™ 
brochure.  Better  yet,  order  both 
today  at  the  APC  Web  site! 


Key  Code 

http://promo.apc.com  k723y 
(888)  28&-APCCX2839* *  FAX:  (401)  788-2797  ! 


Legendary  Reliability® 


□  NO,  I'm  not  interested  at  this  time,  but  please  add  me  to  your  mailing  list 
Name:  Title: 

Company: 


Address: 


Address  2: 


City/Town: 


State: 


ziei 


Country: 


Phone: 


Fax: 


E-mail: 


I  I  YbsI  Send  me  more  information  via  e-mail  and  sign  me  up  for  APC  PowerNews  e-mail  newsletter.  Key  Code  k723y 


What  type  of  availability  solution  do  you  need? 

□  UPS:  0-16kVA  (Single-phase)  □  UPS:  10-80kVA  (3-phase  AC)  □  UPS:  80-(-  kVA  (3-phase  AC)  □  DC  Power 

□  Network  Enclosures  and  Racks  □  Precision  Air  Conditioning  □  Monitoring  and  Management  □  CablesA/Vires 

□  Mobile  Protection  □  Surge  Protection  □  UPS  Upgrade  □  Don't  know 

Purchase  timeframe?  p  <  1  Month  □  1-3  Months  o  3-12  Months  □  1  Yr.  Plus  □  Don't  know 

*  You  are  (check  1):  □  Home/Home  Office  □  Business  (<1000  employees)  □  Large  Corp.  (>iooo  employees) 

O  Gov't.,  Education,  Public  Org.  □  APC  Sellers  &  Partners 


©2002  APC.  All  trademarks  are  the  property  of  their  owners.  NA4A2EB-USa_2c 


E-mail:  esupport@apcc.com 


132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA 


POSTAGE  WILL  BE  PAID  BY  ADDRESSEE 


AMERICAN  POWER  CONVERSION 


ATTENTION  CRC:  k723y 
Department:  B 
132  FAIRGROUNDS  ROAD 
PO  BOX  278 

WEST  KINGSTON  Rl  02892-9920 


Mini 


I.IImI.I.I.m.I.II.ImI.I... 


nil 


ll.l.ll 


Howto 
Contact  APC 

Call:  (888)  289-APCC 

use  the  extension  on  the 
reverse  side 

Fax:(401)  788-2797 

Visit:  http://promo.apc.  com 
use  the  key  code  on  the  reverse 
side 


Legendary  Reliability'” 


Worried  about  increasing  power 
densities  in  your  server  room? 


As  racks  become  increasingly  popu¬ 
lated  with  thinner,  deeper  servers, 
high  power  densities  in  your  server 
room  or  data  center  can  create 
havoc,  from  early  equipment  failures 
to  expensive,  forget-about-your-job- 
security  downtime. 

Introducing  InfraStruXure™  architec¬ 
ture,  the  industry's  only  patent-pend¬ 
ing,  network-critical  physical  infra¬ 
structure.  InfraStruXure™  lets  you 
target  power  and  cooling  precisely 
where  your  mission-critical  applica¬ 
tions  live — ^the  rack  enclosure. 

And  because  InfraStruXure™  architec¬ 
ture  uses  a  modular,  manageable,  pre¬ 
engineered  approach,  you  can  select 
standardized  components  to  create 
your  own  customized  solutions. 

Which  means  you  can  target  avail¬ 
ability,  pay  as  you  grow,  adapt  to 
change,  and  maximize  efficiency 
while  minimizing  installation,  operat¬ 
ing,  service,  and  maintenance  costs. 

In  times  like  these,  it  pays  to  think 
smart.  For  more  information  on 


Open,  adaptable  and  integrated 
architecture  for  on-demand 
network-critical  physical  infrastructure 


High  power  densities  can  create  hot 
spots,  which  cause  equipment  failures 
and  expensive  downtime. 


[cold  air] 


InfraStruXure's  advanced  cooling 
components  help  remove  heat  from 
your  servers  and  target  air  circulation 
where  it  is  most  needed. 

Air  components  designed  for 
InfraStruXure"  are  manageable  via 
network  technology,  and  feature  a 
modern,  reliable  design  with  fewer 
moving  parts. 


[hot  air]-^^ 


lnfraStru>\ure 


ij(u 


"Our  Video  on  Demand  (VOD) 
servers  are  air  cooled  from  front 
to  back.  The  ARC  racks  that 
house  the  InfraStruXure  are  also 
designed  to  cool  from  front  to 
back.  So  the  same  racks  can 
effectively  house  our  power 
system  and  our  servers." 

Vince  Pombo 
Vice  President  of  Engineering 
Rich  Flanders 
Director  of  Engineering 
Time  Warner  Cable 

"If  I  had  purchased  the  incum¬ 
bent  vendor's  3-phase  upgrade 
model,  I  would  have  paid  75% 
more  in  service  costs  over  the 
next  four  years  and  I  would 
have  had  to  utilize  50%  more  of 
my  precious  floor  space." 

Captain  Timothy  Riley 

Support  Services  Division 

City  of  Newport  Beach  Police  Department 

V _ ! _ / 


POWER  RACK  AIR 


InfraStruXure's  open,  adaptable, 
and  integrated  architecture  for  on- 
demand,  network-critical  physical 
infrastructure,  visit  us  online  today 
at  www.apc.com. 


Winner  of  the  Communications  Solutions  Magazine 's 
“2002  Product  of  the  Year"  award.  Winner  of  theWindows  and 
.Net  Magazine  "2002  Reader's  Choice  Award  for  Best  High 
Availability  Solution",  the  GCN  "Best  New  Technology  Award"  at 
FOSE,  March  2002.  (Awarded  to  PowerStruXure",  which  is  now 
included  under  the  lnfraStruXure'‘brand.l 


AFTER 


InfraStruXure”  lets  you  build  out  capacity 
only  as  it's  required.  Save  up  to  50% 
CapEx  and  20%  OpEx*,  and  reclaim  an 
average  of  20%  usable  space. 
InfraStruXure  AIR  delivers  cooling 
directly  where  it  is  needed,  eliminating 
dangerous  hot  spots. 


BEFORE 


Q. 


Equipment  Racks 


Batteries 


UPSs 


Traditional  data  centers  are  built  out 
for  future  capacity  and  require  a 
large  amount  of  floor  space  that 
could  be  otherwise  utilized.  High 
power  density  racks  create  danger¬ 
ous  hot  spots. 


Every  product  carrying  this  mark  has 
been  tested  and  certified  for  use  with 
InfraStruXure™  architecture.  Before 
you  buy,  check  for  the  X  to  guarantee 
product  compatibility. 


Legendary  Reliability 


'  Representative  savings  based  on  projected  power  infrastructure  build-out  costs  and  estimated  service  cost  per  unit  Actual  savings  may  vary. 


Are  you  prepared?  Get  a  FREE  APC  white  paper  to  learn  how  to 
address  today's  top  cooling  needs  in  network  rooms  and  data  centers. 

V\s\\http://promo^pcxom  Key  Code  k723y  •  Call  888-289-APCC  x2839  •  Fax  401-788-2797 

©2003  American  Power  Conversion  Corporation.  All  Trademarks  are  the  property  of  their  owners.  E-mail:  esupport@apcc.com  •  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA  ISX1B3EF-USI 


]  Emerging  Technology  [ 


It  intercepts  system  activity  on  the  lowest 
level — disk  read-write  requests,  network 
connection  requests,  and  attempts  to 
change  the  registry  and  write  to  mem¬ 
ory — and  either  allows  or  denies  the  activ¬ 
ity  based  on  predetermined  rules.  For 
example,  an  application  would  not  be  able 
to  modify  certain  files  or  change  data  in 
the  system  registry.  A  HEP  system  can  also 
block  behavior  that  is  clearly  malicious, 


such  as  rewriting  OS  executables.  The 
upshot  is  that  most  security  exploits  sim¬ 
ply  won’t  work.  Attackers  might  be  able 
to  get  through  your  network  defenses  to  a 
server,  but  they  couldn’t  actually  do  any¬ 
thing  once  they  got  there. 

For  Stuart  McClure,  president  and 
CTO  of  Foundstone,  host-based  intrusion 
prevention  is  a  much-needed  stopgap 
measure.  Foundstone,  a  security  software 
and  services  company,  uses  Entercept  to 
protect  its  servers  against  known  vulnera¬ 
bilities  without  having  to  install  security 
patches  first.  This  lets  the  company  test 
and  install  patches  on  a  monthly  schedule 
instead  of  rushing  to  install  them  as  soon 
as  they  are  released. 

A  HIP  benefits  from  contextual  infor¬ 
mation  about  the  server  being  attacked, 
which  can  make  it  more  efficient  than 
blanket  network  security.  “You  can  get  a 
microscopic  analysis  of  what’s  going  on,” 
says  Ed  Skoudis,  vice  president  of  security 
strategy  for  Predictive  Systems,  an  IT  con¬ 
sultancy  that  works  with  both  Okena  and 
Entercept.  A  HIP  system  on  a  Solaris  box 
can  safely  ignore  attacks  aimed  at  Win¬ 
dows  systems,  for  instance.  And  because 
they  focus  on  behavior,  HIP  systems  can 
resist  never-before-seen  attacks,  whereas 
network-based  IDS  and  IPS  systems 


require  constant  updates  to  identify  the 
latest  worms,  viruses  and  exploits. 

There  are  downsides  to  host-based 
intrusion  prevention,  however.  It’s  useless 
against  intrusions  aimed  at  your  network 
in  general — such  as  denial-of-service 
attacks.  You  also  need  to  install  it  on  every 
system  you  want  to  protect,  which  can 
create  a  deployment  headache.  (HIP  ven¬ 
dors  have  only  recently  started  adding 


enterprise-level  management  tools  to  their 
products.)  HIP  also  uses  some  system 
resources,  although  McClure  estimates 
only  2  percent  to  5  percent  of  CPU  time. 

What’s  more,  HIP  systems  truly  are  the 
last  line  of  defense.  “They  only  function 
when  things  have  gotten  seriously  out  of 
hand,”  says  Martin  Roesch,  founder  and 
CTO  of  security  services  provider  Source- 
Eire.  “Every  car  should  have  airbags,  but 
wouldn’t  it  be  nicer  to  avoid  the  accident 
in  the  first  place?”  Still,  for  providing  an 
additional  layer  of  security  on  critical 
hosts,  HIP  is  a  compelling  option. 

Network-Based  Protection 

In  general,  network  systems  sit  “in  line,” 
intercepting  network  traffic,  scanning  it 
for  suspicious  activity,  and  either  block¬ 
ing  it  or  passing  it  along.  Such  systems  use 
a  range  of  techniques,  from  IDS-like  sig¬ 
nature  scanning  (looking  for  telltale  strings 
of  bytes)  to  protocol  anomaly  detection 
(figuring  out  when  a  packet  of  data  is  try¬ 
ing  something  not  ordinarily  permitted  by 
its  data  transmission  protocol). 

Some  network  intrusion  prevention  sys¬ 
tems  take  more  devious  approaches  to  net¬ 
work  protection.  ForeScout’s  ActiveScout, 
for  instance,  responds  to  suspicious  activ¬ 
ity  (such  as  port  scanning)  by  sending  a 


specially  coded,  “tagged”  response.  If  the 
attacker  then  tries  to  act  on  the  tagged 
information,  ActiveScout  immediately  rec¬ 
ognizes  that  an  attempted  attack  is  in 
progress  and  can  shut  off  the  connection 
before  any  damage  occurs. 

Network-based  intrusion  prevention 
can  be  useful  in  situations  where  host- 
based  protection  is  impractical  and  fire¬ 
walls  aren’t  effective — for  instance, 
against  attacks  that  originate  within  your 
own  network.  University  of  Dayton 
Associate  Provost  and  CIO  Thomas  Dan- 
ford,  like  many  higher  education  IT  exec¬ 
utives,  has  to  deal  with  students  bringing 
worms  and  viruses  onto  the  internal  net¬ 
work  regularly.  “Before  you  know  it, 
we’ve  got  worms  slamming  around  all 
over  the  place,”  says  Danford,  who  cal¬ 
culates  that  the  university  receives  3,200 
attacks  on  an  average  day.  The  solution: 
TippingPoint’s  UnityOne  IPS,  which 
Danford  installed  behind  the  firewall  to 
shut  down  suspicious  traffic.  When  the 
Slammer  worm  hit  in  January,  says  Dan¬ 
ford,  “we  didn’t  experience  any  problems 
at  all.” 

Many  IT  managers,  however^  are  reluc¬ 
tant  to  trust  network-based  intrusion  pre¬ 
vention,  in  part  because  of  the  risk  of 
service  interruption.  If  your  IDS  misidenti- 
fies  legitimate  traffic,  the  false  alarm  is 
merely  annoying;  but  an  IPS  that  shuts 
down  a  customer  connection  by  mistake 
could  hurt  your  bottom  line.  “When  peo¬ 
ple  need  to  get  to  your  system  to  trade,  a 
couple  of  seconds  of  downtime  could  get 
you  a  seriously  irate  customer;”  says  a  chief 
security  officer  at  a  financial  services  com¬ 
pany  who  declined  to  be  named.  “For 
automated  blocking,  we  think  [intrusion 
prevention]  systems  are  not  mature  enough 
to  rely  on  yet.” 

To  the  extent  that  network-based 
systems  rely  on  signatures  to  identify 

cio.com  Read  Chris  Lindquist’s 

TECH  TACT:  NEW  TOOLS  FOR  NEW  JOBS 

every  Monday  at  www.cio.com/daily. 


Network-based  intrusion  prevention  can 
be  useful  in  situations  where  host-based 
protection  is  impractical  and  firewalls 
aren’t  effective. 


98  CIO  JUNE  15,  2003  •  www.cio.com 


You  trust  the  12-inch  steel  girders  to  keep  the  5,700  concrete  slabs  in  place. 
You  trust  the  concrete  slabs  to  form  the  23-mile  tube. 

You  trust  the  tube  to  hold  back  the  crushing  weight  of  a  deep  blue  sea. 


Shouldn’t  you  feel  the  same  way  about  your  infrastructure  partner? 


VeriSign®  Telecommunication  Services  and 
people  are  helping  carriers  create  secure, 
reliable  connections  today  and  prepare  for 
the  converged  services  of  tomorrow.  So  now 
you  can  feel  as  confident  in  the  digital  world 
as  you  do  in  the  physical  one. 


The  Value  ot'Trust^” 


VeriSign  Telecommunication 
Services  include 

•  Network  Services 

•  Database  Services 

•  Business  Support  Services 

•  Strategic  Business  Services 

•  Mediation  Services 


Download  a  free  brochure  detail! 
TeleBlock®  service  for  managing 
Do-Not-Call  lists  at 

www.verisign.com 
Or  call  1-888- 


attacks,  they’ll  need  to  be  updated — and 
they  may  have  difficulty  stopping  brand- 
new  attacks.  It’s  also  important  to  consider 
the  impact  on  network  performance  when 
installing  an  in-line  system — if  it  can’t  sup¬ 
port  your  network’s  maximum  bandwidth 
utilization  or  introduces  significant  laten¬ 
cies,  it  will  be  a  bottleneck.  For  that  rea¬ 
son,  many  vendors  are  moving  toward 
appliances  (some  of  which  support  gigabit 
speeds),  rather  than  software. 

Where  IPS  Fits  In 

Almost  no  one  claims  that  any  type  of 
intrusion  prevention  system  will  replace 
firewalls  and  other  mainstays  of  network 
security  outright.  Instead,  analysts  say, 
these  systems  make  the  most  sense  as  part 
of  a  layered  security  strategy  that  makes 
use  of  several  different  technologies  at  mul¬ 
tiple  points  in  your  network. 

Nor  will  IPS  kill  the  intrusion  detection 
market,  at  least  in  the  short  term.  If  an 
attacker  makes  it  past  your  other  defenses 
(including  the  IPS),  an  IDS  provides  the 
information  you  need  to  contain  the  dam¬ 
age  and  prevent  future  attacks. 

Ultimately,  predicts  Richard  Stiennon, 
a  research  director  at  Gartner,  network- 
based  IPS  capabilities  will  be  integrated 
into  firewall  appliances.  The  host-based 
IPS,  say  Spire  Security’s  Lindstrom  and 
other  experts,  will  likely  become  more 
agent-based,  centrally  managed  and  ubiq¬ 
uitous — perhaps  as  part  of  an  enterprise’s 
overall  systems  management  strategy.  But 
one  thing  is  certain:  As  the  number  of 
attacks  and  vulnerabilities  continues  to 
grow,  so  will  interest  in  intrusion  preven¬ 
tion  technologies  of  all  kinds. 

“Return  on  security  investment  is  some¬ 
thing  that’s  very,  very  difficult  to  show,” 
says  New  Century’s  Stevenson.  “But  you 
pick  up  the  paper  every  couple  weeks,  and 
to  know  that  we’ve  bypassed  the  latest 
critical  worm  or  virus  that’s  on  the  Inter¬ 
net — ^that’s  return  on  investment.”  ■ 


Dylan  Tweney  (dylan@tweney.com)  is  a  freelance 
writer  based  in  San  Mateo,  Calif. 


UNDER  DEVELOPMENT 
Broadband 

WAN  Speed  Record 

INTERNET  TRANSMISSIONS  using  DSL  and  cable  modems  seem  like  pony  express 
deliveries  compared  with  the  superfast  data  transfer  achieved  by  scientists  at  the  Stan¬ 
ford  Linear  Accelerator  Center  (SLAC).  The  scientists  were  able  to  transmit  6.7GB  of 
data— the  equivalent  of  four  hours  of  DVD-quality  movies— from  Sunnyvale,  Calif.,  to 
Amsterdam,  Netherlands  (6,800  miles),  in  58  seconds.  The  rate  they  achieved,  923Mbps, 
is  more  than  3,500  times  as  fast  as  a  typical  home  Internet  broadband  connection. 

SLAC  is  part  of  an  international  team— along  with  Caltech,  the  National  Institute  for 
Nuclear  Physics  and  High  Energy  Physics  in  Amsterdam,  and  the  science  faculty  of  the 
Universiteit  van  Amsterdam— that  was  awarded  a  data-transfer  speed  record  by  the  Inter- 
net2  consortium.  The  consortium  is  working  to  develop  and  deploy  advanced  network 
applications  and  technologies  in  its  effort  to  create  the  next  generation  of  the  Internet. 

The  record-setting  transmission— completed  in  February  2003— used  advanced  tech¬ 
nology  from  vendors  Cisco  Systems  and  Level  3  Communications  as  well  as  research 
organizations  NetherLight,  StarLight,  Surfnet  and  TeraGrid.  According  to  SLAC,  the  need 
to  transfer  and  analyze  vast  amounts  of  data  produced  by  particle  physicists  studying  the 
fundamental  building  blocks  of  matter  motivated  the  record.  But  Les  Cottrell,  assistant 
director  of  SLAC  computer  services,  sees  potential  benefits  for  business. 

“I  could  see  this  having  a  big  effect  on  media  distribution:  for  example  Blockbuster 
could  start  shipping  movies  to  someone’s  home  in  a  matter  of  minutes,”  Cottrell  says.  A 
company  like  Boeing  could  transmit  product  design  data  across  the  country  rather  than 
ship  storage  tapes  by  truck.  Other  high-bandwidth  applications  could  include  global  cli¬ 
mate  forecasting,  distance  learning,  human  genome  research  and  the  ability  of  doctors 
to  share  patient  information  from  multiple  sites  around  the  world  in  real-time. 

When  will  such  high-data  transfer  rates  become  commonplace?  That’s  hard  to  predict, 
says  Cottrell.  But  he  adds  that  he  would  not  be  surprised  to  see  some  of  these  applica¬ 
tions  occurring  within  the  next  10  years.  -Bob  Violino 


100  CIO  JUNE  15,  2003  •  www.cio.com 


Delivering  a  whole 
lot  more  than  speeds 
and  feeds. 


Bloomington  Hospital  &  Healthcare  System 

Improves  patient  care  through  a  Business-Driven  Network.^'* 

In  a  hospital  environment,  networks  aren’t  mission  critical — they’re  life  critical.  That’s 
why  the  Bloomington  Hospital  &  Healthcare  System  turned  to  Enterasys  Networks 
for  a  more  secure,  robust  and  mobile  infrastructure  to  support  its  vast  operation. 

Wire-speed  performance  and  pinpoint  control  handle  diverse  application  needs,  such  as 
real-time  fetal  heart  monitoring.  Next-generation  wireless  will  allow  for  “on  the  fly’’ 
patient  registration  and  charting,  all  while  protecting  confidential  data. 

Physicians  and  staff  are  more  productive:  patients  receive  the  quality  care  they  deserve. 
Think  of  it  as  a  Business-Driven  Network  for  life. 

Get  the  full  story  at  enterasys.com/bloomington 


ENTERASYS 


NETWORKS 


Sales  and  Services 

CIO  SALES  OFFICES 

President  Walter  Manninen 
Publisher  Gary  J.  Beach  •  508  935-4202 
Executive  VP  Sales/Custom  Publishing 
Ellen  Romanow  •  508  935-4796 

East  Coast 

Senior  VP  Sales/East 

Michael  J.  Masters  •  973  244-4040 

Senior  Regional  Mgr. 

Kathy  Powers  •  973  244-4041 
Regional  Sales  Manager 
Ellie  Schwab  *973  244-4042 
Account  Executive 
Joan  Bonadeo  •  973  244-4043 
Advertising  Sales  Associates 
Rhonda  Goodman  •  973  244-4033 
Sharon  Patrick  •  973  244-4044 
Fax  •  973  227-1565 
New  England 

Senior  Regional  Manager/ Advertising  Sales 

LenGanz- 508  935-4039 
Senior  Advertising  Sales  Associate 

Dawn  Cora  •  508  935-4092 
Fax  •  508  879-6063 

Mid-Atlantic 

Senior  Regional  Manager/ Advertising  Sales 

Louise  Cupelli  •  215  627-8117 

Account  Executive 

Maureen  Welsh  •  215  928-9151 


Advertising  Sales  Associate 

Meredith  Hagan  •  215  627-8114 
Fax -215  627-8224 

South  Central 

Regional  Director/ Advertising  Sales 

Robert  E.  Sawdon  •  512  306-9801 

Senior  Advertising  Sales  Associate 

Brenda  Garza  •  512  306-9801 
Fax  •  512  306-9805 

North  Central 

Regional  Sales  Manager 
Christopher  Nolan  •  847  441-3143 
District  Sales  Manager 
Beth  DeVillez*  847  441-3140 
Advertising  Sales  Associate 
Kim  Giovanni  •  847  441-5005 
Fax  •  847  441-5150 

West  Coast 

VP  Sales/West 

Cheri  Parr  >415  975-2685 

Senior  Regional  Manager/ Advertising  Sales 

Jane  Evans  •  415  975-2680 

Regional  Manager/ Advertising  Sales 

Ai  Collins  *415  975-2686 

Account  Executives 

Derek  Jung -415  975-2683 

Tom  Ocampo  •  415  975-2693 

Fax  •  415  543-2358 

Southern  California 

Regional  Sales  Manager 

Chris  Bramel  •  949  475-5579 


Account  Executive 

Issac  Ugay  •  949  475-5579 
Fax -949  475-5583 

LIST  SERVICES 

List  Services  Director 

Kathryn  A.W.  Marston  •  508  935-4072 

List  Services  Account  Executive 

Stephanie  Roy  •  508  935-4151 

List  Services  Coordinator 

Kim  Cormican  •  508  935-4152 

ONLINE  SERVICES 

VP/Online  Sales 

Lisa  Brown  •  508  935-4470 

Online  Sales  Manager 

Michael  McPhee  •  508  935-4611 

CUSTOM  PUBLISHING 

Group  Director  •  Michael  Siggins 

Director  •  Mary  Gregory 

Director  of  Content  Development  •  Tom  Field 

Project  Managers  •  John  Danielowich,  Amy 

Greenleaf 

Graphic  Designer  •  Chris  Brown 

REPRINT  SERVICES 

For  article  reprints,  please  contact 
Reprint  Services  at  651 582-3800  or 
e-mail  cioreprints@reprintservices.com. 

For  further  sales  information,  visit 
www.cio.com/marketing/salesoffices.html. 


Index  of  Companies  and  Advertisers 

Page  numbers  refer  to  the  first  page  of  the  article(s)  in  which  the  company  has  a 
substantial  mention.  This  index  is  provided  as  a  service  to  readers.  The  publisher 
does  not  assume  any  liability  for  errors  or  omissions. 


COMPANY  INDEX 


Acushnet  Co . 

20 

Green  Idea . 

.20 

Ametek  Inc . 

58 

ImagePoint . 

.  58 

AMR  Research  Inc . 48,  58 

Infonetics  Inc . 

.95 

Applied  Industrial  Technologies 

Intel  Corp . 

.95 

Inc . 

58 

Internet  Security  Systems  . . . 

.95 

Avaya  Inc . 

72 

Intruvert  Networks  . 

.95 

Bayer  AG  . 

58 

JetBlue  Airways  Corp . 

.88 

Capital  Consulting  and 
Management  Inc . 

58 

John  J.  Davis  &  Associates 

Inc . 

.72 

Capital  One  Financial  Corp.  . . 

72 

J.P.  Morgan  Chase  &  Co.  ... 

.72 

Captus  Networks  Corp . 

95 

Kids  II  Inc . 

20 

CareGroup  Inc . 

20 

Level  3  Communications  Inc. 

.  95 

Cisco  Systems  Inc . 

95 

Mandarin  Oriental  Hotel 

ClearCube  Technology  Inc.  . . . 

95 

Group  . 

.20 

Conference  Board  Inc.,  The  . . 

72 

Massachusetts  Health  Data 

Covenant  Health . 

20 

Consortium  Inc . 

.20 

DaimlerChrysler  Corp . 

48 

Mellon  Financial  Corp . 

.20 

DDS  Distribution  Services  Ltd. 

72 

Meta  Group  Inc . 

.20 

Denali  Consulting . 

58 

Mi2g  Ltd . 

.95 

Elance  Inc . 

58 

Morgan  Stanley . 

.  9b 

Eli  Lilly  and  Co . 

20 

Motorola  Inc . 

.58 

FleetBoston  Financial  Corp.  . . 

20 

MSX  International  Inc . 

.58 

ForeScout . 

95 

National  City  Corp . 

.  72 

Forrester  Research  Inc . 

95 

NetScreen  Technologies  Inc. 

.95 

Fortune  Brands  Inc . 

20 

New  Century  Mortgage  Corp. 

.95 

Foundstone  Inc . 

95 

Northrop  Grumman  Corp.  . . 

.20 

Gartner .  72  9.5 

Northwestern  Memorial 

Giga  Information  Group  Inc.  . . 

95 

Physicians  Group  . 

.  95 

Predictive  Systems  Inc . 

.  yb 

Procter  &  Gamble . 58 

Providence  Health  System  ...  20 
Reliant  Pharmaceuticals  LLC  .  58 

Schering-Plough  Corp . 72 

Sony  Corp.  of  America . 72 

Sourcefire  Inc . 95 

Spire  Security  LLC  . 95 

Tesco.com . 20 

Tigris  Corp . 58 

TippingPoint  Technologies  Inc.  95 

United  Air  Lines  Inc . 88 

Webasto  Roof  Systems  Inc.  . .  58 

White  &  Case  LLP . 72 

Whole  Foods  Market  IP  LP  ...  72 

ADVERTISER  INDEX 

3M  . 13 

Actuate  Corp . 21 

American  Power  Conversion  . .  97 

Avaya  . 25 

Bear  Wagner  Specialist  LLC  . .  41 

BT  . 29 

Canon  . 17 

CXO  Media  Inc.  . .  65,  92,  94, 103 

Cisco  Systems  Inc . 2 

Computer  Associates 

Inti,  Inc . C4,  5 

Cysive . 77 


Enterasys  Networks . 101 

Fujitsu . 8 

Gartner  Inc . 71 

Hewlett-Packard  Co . 34,  36 

IBM  Corp .  26,  87,  89,  91 

Internet  Security  Systems  ....  45 
Konica  Business  Technologies 

Inc . 51 

MCI . 79 

Microsoft  Corp . C2, 14 

NetlQ  Corp . 69 

OKI  . 43 

Protiviti  Inc . 63 

Quantum  DLTTape  . 39 

SeeBeyond  Technology  Corp.  .  18 

Sony  AIT  Solutions . C3 

Sony  Electronics  Inc . 83 

Sterling  Commerce  . 11 

StorageTek  . 55 

Sun  Microsystems  Inc . 7 

TIBCO  Software  Corp . 31 

Trend  Micro  Inc . 57 

Unisys  Corp . 46 

Verisign  Inc . 99 

Veritas . 32 

Verizon’s  Data  Credibility  ....  23 


CIO  IS  PUBLISHED  IN  THE 
UNITED  STATES  AS  WELL  AS  IN: 

Australia,  CIO  Australia  www.idg.com.au 
Canada,  010  Oanada  www.iti.on.ca/cio 
China,  CEO  &  CIO  China 
www.ceocio.com.cn 
Germany,  CIO  Germany  www.cio.de 
India,  CIO  India  91-80-521-0309/12 
Japan,  CIO  Japan  www.idg.co.jp 
Korea,  CIO  Korea  www.cio.seoui.kr 
New  Zealand,  CIO  New  Zealand 
www.idg.co.nz 

Poland,  CXO  Poland  www.cxo.pl 
Singapore,  CIO  ACEN/Hong-Kong 
www.idg.com.sg 

Sweden,  CIO  Sweden  www.cio.idg.se 

CIO  Contact 
Information 

Editorial,  Advertising  and  Business 
Offices;  492  Old  Connecticut  Path, 

P.O.  Box  9208,  Framingham,  MA 
01701-9208,  508  872-0080. 

CIO  (ISSN  0894-9301)  is  published 
semimonthly  and  as  a  combined  issue 
December  15/January  1  by  CXO  Media 
Inc.,  492  Old  Connecticut  Path,  P.O. 

Box  9208,  Framingham,  MA  01701- 
9208.  Periodicals  postage  paid  at 
Framingham,  MA,  and  at  additional 
mailing  offices.  Canada  Publications 
Mail  Agreement  Number  1902075. 
CANADIAN  POSTMASTER:  Please 
return  undeliverable  copy  to  P.O.  Box 
1632,  Windsor,  ON  N9A  7C9. 

Permissions;  Copyright  2003  by 
CXO  Media  Inc.  All  rights  reserved. 
Reproduction  of  material  appearing 
in  CIO  is  forbidden  without  written 
permission.  Send  all  requests  to 
Permissions  Department,  CIO,  492 
Old  Connecticut  Path,  P.O.  Box  9208, 
Framingham,  MA  01701-9208. 

Photocopy  Rights;  Permission  to 
photocopy  for  internal  or  personal 
use  or  the  internal  or  personal  use  of 
specific  clients  is  granted  by  CIO  for 
users  through  the  Copyright  Clear¬ 
ance  Center,  provided  that  the  base 
fee  of  $3  per  copy  of  the  article,  plus 
$.50  per  page  is  paid  directly  to 
Copyright  Clearance  Center,  27 
Congress  Street,  Salem,  MA  01970. 
Please  specify;  ISSN  0894-9301. 
Permission  to  photocopy  does  not 
extend  to  contributed  articles 
followed  by  this  symbol: 

Subscriptions;  Address  inquiries  to 
CIO,  P.O.  Box  489,  Northbrook,  IL 
60065-0489;  866  354-1125.  CIO  is 
free  to  qualified  information  execu¬ 
tives.  To  all  others  the  one-year  basic 
rate  is  $150  for  the  United  States  and 
Canada,  $195  to  foreign  countries 
(payable  in  U.S.  funds  only).  The 
single  copy  price  is  $9.  Please  allow 
four  to  six  weeks  for  new  subscrip¬ 
tions  to  begin. 

Change  of  Address:  Please  go  to 
www.omeda.com/custsrv/cio  and 
follow  the  online  instructions. 

Postmaster:  Send  change  of  address 
to  CIO,  P.O.  Box  489,  Northbrook,  IL 
60065-9816.  Printed  in  the  U.S.A. 


10  2  CIO  JUNE  15,  2003 


www.cio.com 


“The  Select  Member  CIO 
you  put  me  in  touch  with 
was  knowledgeable, 
forthcoming  and  extremely 
helpful.  His  shop  and 
ours  have  much  in  common. 
The  call  was  excellent!” 

-CIO  of  a  $7  billion 
insurance  company 

“I  am  getting  tremendous 
value  out  of  the  board-level 
presentations  I  have  down¬ 
loaded  from  Select.” 

-CIO  of  a  $3  billion 
manufacturer 


BENEFIT  FROM  THE  EXPERIENCE  OF  YOUR 


Membership  in  CIO  Select  is  reserved  for  CIOs 
of  midsize  to  large  organizations. 


The  Resource  for 
Information  Executives 


ClOSelect 

AN  EXCLUSIVE  PEER  SERVICE  FOR  CIOs 


For  Information  and  Membership  Pricing: 

Contact  Martha  Heller,  Director,  CIO  Select, 
at  508.988.6738  or  mheller@c/o.com  or 
via  www.cio.com/community/select.html. 


COVER  STORY 
DaimlerChrysler’s 
CIO  Survivor 

By  Christopher  Koch  I  48 

Sue  Unger,  the  54-year-old  CIO  of 
DaimlerChrysler,  has  survived  two 
waves  of  management  purges  since 
Germany’s  Daimler-Benz  purchased  Chryslei; 
and  in  fact  has  gained  power  since  the  merger 
in  a  company  that  has  swept  away  Ameri¬ 
cans  at  its  uppermost  levels  and  replaced 
them  with  Germans.  Her  success  has  defied 
the  odds  in  several  ways — she’s  a  woman  in 
one  of  the  most  competitive,  macho  indus¬ 
tries  in  the  world,  she  lacks  a  traditional  IT 
background,  and  she’s  not  a  native  of  the 
dominant  country  or  culture  of  corporate 
headquarters.  One  key  to  success  was  her 
investment  in  learning  every  important 
aspect  of  the  car  business.  Another  is  her 
sharp  people  skills.  She  deftly  leverages  the 
relationships  forged  in  her  business  func¬ 
tion  stints.  As  a  non-IT  background  CIO, 
she  avoids  resentment  in  the  IS  ranks  by  let¬ 
ting  her  technical  lieutenants  manage  rela¬ 
tionships  with  their  business  customers  while 
she  focuses  on  the  overall  strategy.  She  still 
faces  merger-related  resistance  and  cultural 
hurdles,  but  no  one  can  claim  she  doesn’t 
know  the  car  business. 


“The  fact  that  she  listens 
to  people,  evaluates  what 
they  have  to  say  and 
takes  a  position  that  is 
not  political  is  what  got 
her  through  it.” 

-GARY  VALADE,  CHRYSLER  EVP  OF 
GLOBAL  PROCUREMENT  AND 
SUPPLY,  ON  CIO  SUE  UNGER’S 
SUCCESS  IN  NAVIGATING  THE  WATERS 
OF  THE  DAIMLERCHRYSLER  MERGER 


E- Procurement  By  Malcolm  Wheatley  I  58 

TODAY  IT’S  POSSIBLE  TO  BUY  ALMOST  ANYTHING  elearonically.  But  moving  beyond 
paper  clips  is  difficult.  Direct  (raw)  materials  and  services  can  be  multimillion-dollar  deals,  often 
negotiated  over  months.  But  e-procurement’s  characteristic  deliverables — better  productivity,  faster 
processing,  greater  visibility,  the  elimination  of  maverick  buying — can  have  a  proportionately  higher 
ROI  when  applied  to  direct-material  sourcing.  For  example,  at  Reliant  Pharmaceutical  all  purchases 
now  go  online  through  Ariba,  with  an  expected  ROI  of  400  percent.  Bill  Lawson,  CIO  at  Ametek, 
claims  an  average  20  percent  savings  by  sourcing  12  commodity  groups  (among  them  machine  tool¬ 
ing,  electrical  supplies  and  computer  hardware)  through  an  Oracle  Exchange  e-procurement  portal. 
Newly  available  collaborative  technology  allows  RFPs — accompanied  by  CAD  drawings  and  specifi¬ 
cations,  suppliers’  requests  for  additional  information,  and  bids — all  over  the  Web. 


Alignment  Tactics  ByToddOatz  I  72 

GROWTH  AND  INNOVATION  have  taken  a  backseat  to  relentless  cost-cutting  and  short-term 
payback.  The  pressure  to  do  more  with  less  has  intensified.  However,  CIOs  who  have  a  good  rela¬ 
tionship  and  a  strong  strategic  alignment  with  the  business  side  will  fare  well.  Those  who  don’t  are 
imperiled — it’s  now  or  never  for  alignment.  CIOs  who  get  it  share  six  successful  alignment  habits: 
Commit  to  the  care  and  feeding  of  top  management,  govern  wisely,  assign  direct  reports  to  be  busi¬ 
ness  unit  ambassadors,  join  hands  with  business  leaders  at  every  opportunity,  advertise  the  technol¬ 
ogy  strategy,  and  make  IT  user-friendly. 


Next-Generation  IT  Architecture  By  Larry  Downes  I  80 

THE  FUTURE  OF  I.T.  ARCHITECTURE  WILL  BE  the  ability  to  distribute  smaU  units  of  soft 
ware  over  the  Internet,  not  just  to  distant  users  but  to  destinations  such  as  equipment  on  the  factory 
floor  and  packages  on  store  shelves.  This  will  create  a  new  class  of  information  products  and  services 
that  interact  with  each  other  using  sophisticated  messaging  and  security  protocols.  Organizations 
adopting  this  architecture  will  see  reductions  in  development  and  maintenance  costs  and  new  forms  of 
information  exchange  up  and  down  the  supply  chain,  in  turn  creating  new  sources  of  value.  But  as  in 
previous  architecture  transitions,  there  will  be  more  organizational  than  technical  challenges.  FT  profes¬ 
sionals  must  not  only  cultivate  new  technical  skills  but  also  a  better  understanding  of  their  companies’ 
business.  Identifying  and  capitalizing  on  new  revenue  opportunities  will  only  happen  if  the  boundaries 
between  IT  and  business  users  are  as  permeable  as  the  information  supply  chain  data  is  free-flowing. 


Emerging  Technology:  Intrusion  Prevention  By  Dylan  Tweney  I  95 

INTRUSION  PREVENTION  SYSTEMS  (IPSs)  safeguard  the  operating  system  kernel  and  the 
network  data  packet.  Interest  in  IPSs  has  grown  in  part  because  of  disenchantment  with  intrusion 
detection  systems,  which  only  notify  IT  administrators  of  attacks  in  progress.  Host-based  IPSs  protect 
servers  and  workstations  through  software  agents  that  sit  between  applications  and  the  operating  sys¬ 
tem’s  kernel.  They  intercept  disk  read/write  and  network  connection  requests  and  attempt  to  change 
the  registry  or  write  to  memory — and  either  allow  or  deny  the  activity  based  on  predetermined  rules. 
However,  they  are  useless  against  intrusions  aimed  at  networks,  and  they  need  to  be  installed  on 
every  host.  Network-based  IPSs,  less  established  in  the  marketplace,  sit  “in  line,”  scanning  traffic  for 
suspicious  activity.  Many  IT  managers  are  reluctant  to  trust  network-based  intrusion  prevention,  in 
part  because  of  the  risk  of  service  interruption.  No  one  claims  that  IPSs  will  replace  firewalls,  but 
they  make  sense  as  part  of  a  layered  security  strategy. 


104  CIO  JUNE  15,  2003  •  www.cio.com 


Sony  AIT  data  borage  solutions  help  companies 
of  any  size  automate  tape  backups,  delivering  real 
ROI  through  IT  time  savings. 


Government  regulators  are  requiring  organizations  from 
financial  to  health  care  to  keep  copious  long-term 
records.  Disaster  recovery  and  business  continuity 
requirements  are  more  stringent  than  ever,  as  organiza¬ 
tions  try  to  prepare  for  the  worst.  And  all  the  while,  IT 
organizations  are  stretched  to  the  limit,  struggling  to 
meet  these  basic  day-to-day  demands. 

Clearly,  it  is  imperative  for  any  organization  to  routinely 
back  up  valuable  data,  but  it’s  not  imperative  that  they 
spend  an  inordinate  number  of  IT  hours  doing  it.  Let's  say 
it  takes  a  single  IT  administrator  1 5  minutes  to  load,  unload 
and  check  a  backup  tape,  and  that  person  has  to  deal  with 
just  two  tapes  each  day.  That's  at  least  1 0  hours  of  IT  time 
per  month  spent  juggling  tapes — hours  that  could  be  ded¬ 
icated  to  more  strategic  endeavors. 

Automated  tape  systems  can  get  organizations  off  the 
backup  treadmill.  Such  systems  allow  you  to  consolidate 
multiple  drives  Into  one  solution 
that  can  be  loaded  with  enough 
tapes  to  handle  backups  for  days 
or  weeks.  All  the  required  back¬ 
ups  and  tape  rotations  are  han¬ 
dled  on  a  predefined  schedule, 
without  human  intervention. 

Once  a  luxury  for  only  large 
organizations  with  big  budgets 
and  large  IT  departments,  auto¬ 
mated  tape  storage  solutions 
such  as  those  in  the  Sony 
Advanced  Intelligent  Tape™  (AIT) 
automation  family  are  now  cost- 
effective  solutions  for  small  and 
midsize  organizations.  Indeed,  the  fastest  growing  seg¬ 
ment  in  the  tape  automation  market  is  for  systems  with  20 
cartridges  or  less.  Even  small  companies,  workgroups  or 
departments  with  individual  Digital  Data  Storage®  (DDS) 
tape  backup  systems  can  gain  significant  business  bene¬ 
fits.  Larger  organizations  can  leverage  the  performance, 
capacity  and  reliability  of  a  Sony  AIT  library  to  enable  up 
to  30  days  of  unattended  backup,  boosting  cartridge  uti¬ 
lization  and  simplifying  management. 

Traditionally,  many  organizations  use  individual  tape 
drives  to  back  up  critical  servers,  adding  additional  drives 
as  demand  dictates.  Consequently,  these  tape  drives  are 
often  deployed  in  a  decentralized  fashion,  requiring  that 
someone  physically  load  fresh  tapes  into  each  drive  daily 
or  weekly,  and  to  verify  that  backups  complete  successful¬ 
ly.  With  data  volume  doubling  or  tripling  every  year  or  two, 
it  is  difficult  to  keep  up  as  the  number  of  cartridges  grows. 
Before  long,  multiple  administrators  are  collectively  spend¬ 
ing  an  inordinate  amount  of  time  swapping  tapes  and 
attending  to  other  mundane  chores.  This  is  particularly  bur¬ 


densome  in  systems  with  limited  tape  cartridge  capacity. 

While  such  organizations  clearly  need  an  automated 
tape  solution,  even  those  with  only  one  tape  drive  can 
benefit.  Single-drive  tape  autoloaders  and  multiple-drive 
tape  libraries  are  integrated  solutions  that  have  space  for 
anywhere  from  eight  to  hundreds  or  even  thousands  of 
tapes,  along  with  a  mechanism  to  automatically  replace 
or  rotate  the  tapes  on  a  preset  schedule. 

When  using  an  automated  solution,  an  administrator 
loads  the  tape  drives  with  the  appropriate  tapes  and  uses 
backup  software  to  specify  when  tapes  should  be  switched, 
what  files  should  be  backed  up  and  how  often.  Most  sys¬ 
tems  notify  the  administrator  if  something  is  wrong,  such  as 
if  a  tape  runs  out  of  space.  Otherwise,  the  administrator 
simply  needs  to  check  the  unit  at  the  end  of  the  cycle,  be  it 
seven  days  or  30,  and  load  new  tapes.  Consider  the  time 
savings  compared  with  manually  configuring  the  backup 


each  day,  swapping  tapes  and  making  sure  each  backup  is 
complete.  Then,  consider  that  the  time  savings  and 
increase  in  reliability  are  even  more  dramatic  when  it 
comes  to  retrieving  data,  when  time  is  even  more  critical. 

Sony  AIT 

Sony's  AIT  tape  drives  and  libraries  were  designed  from 
the  ground  up  for  automation,  with  a  range  of  models  that 
allow  organizations  to  centralize  their  backups  and 
upgrade  existing  library  capacity.  For  example,  Sony's 
LIB81 ,  the  first  1 U  autoloader  in  the  industry,  has  one  tape 
drive  and  capacity  for  eight  cartridges.  The  flexible  range 
of  capacities  supplied  by  Sony  AIT-1 ,  AIT-2  and  AIT-3  tapes 
offer  enough  for  a  week's  worth  of  backups,  with  room  to 
spare  for  a  head  cleaning  cartridge  or  a  copy  of  a  previous 
week's  or  month's  backup  tape.  Sony's  LIB162  is  a  larger 
unit  with  space  for  two  tape  drives  and  up  to  1 6  individual 
tapes,  all  within  a  2U  rack-mountable  design  that  can  fit  in 
a  limited  space.  Its  storage  capacity  of  0.8  terabytes  (TB) 
native  and  2.08TB  compressed  puts  it  among  the  leaders  in 


terms  of  storage  density  per  cubic  foot. 

In  addition  to  rack-mountable  storage  systems,  Sony 
has  desk-side  tape  libraries  that  allow  users  to  load  up  to 
15  cartridges  in  a  single  removable  magazine.  This  pro¬ 
vides  enough  capacity  for  two  weeks  worth  of  tapes. 
Sony  also  offers  30-cartridge  units  that  can  provide  up  to 
one  month  or  more  of  hands-free  backups. 

All  of  Sony's  automated  tape  libraries  include  a  number 
of  important  capabilities  and  characteristics,  including; 

•  Remote  administration;  Sony's  tape  libraries  all 
have  the  capability  to  be  controlled  and  monitored  from  a 
remote  location. 

•  High  reliability;  Sony  AIT-3  drives  are  rated  at  up  to 
400,000  hours  mean  time  between  failure  (MTBF)  at 
1 00%  duty  cycle — far  exceeding  most  other  types  of  tra¬ 
ditional  backup  drives. 

•  Fast  file  access;  Sony  drives  were  the  first  in  the 
industry  to  include  the  Memory  in  Cassette  (MIC)  feature, 
which  provides  64K-bit  flash  memory  within  the  tape  car¬ 
tridge  to  index  information  and  the  location  of  data  on  the 
tape.  The  feature  speeds  data  access  and  retrieval,  mak¬ 
ing  AIT  one  of  the  fastest  tape  formats  in  terms  of  data 

retrieval. 

•  Future  growth  path; 

Currently  in  its  third  generation, 
AIT  has  a  defined  and  proven 
roadmap  that  has  seen  perform¬ 
ance  and  capacity  double  with 
each  new  generation.  In  addi¬ 
tion,  all  three  generations  of  AIT 
drives  available  today  are  both 
read  and  write  backward-com¬ 
patible. 

•  Industry  support;  AIT 

drives  work  with  all  major  oper¬ 
ating  systems,  including 
Windows,  Linux  and  Unix,  as 
well  as  with  the  majority  of  backup  software  packages, 
including  Computer  Associates'  CA  BrightStor  ARCserve, 
Veritas  Software's  Veritas  Backup  Exec  and  NetBackup, 
Legato  Systems'  NetWorker  and  IBM's  Tivoli  Storage 
Manager. 

Sony's  AIT  automated  tape  backup  solutions  are  also 
ideally  suited  to  address  the  growing  need  for  networked 
backup.  Rather  than  installing  and  managing  dedicated 
tape  drives  or  libraries  near  each  server,  an  organization 
can  consolidate  all  storage  functions  and  back  up  data 
from  various  servers  across  the  network,  further  reducing 
deployment  complexity  and  improving  IT  productivit/. 

Whatever  the  configuration,  high-speed,  high-capacity 
AIT  tape  systems  can  reduce  the  pressure  on  your  back¬ 
up  window  by  cutting  down  on  the  time  it  takes  to  com¬ 
plete  a  backup  or  restore.  Automating  your  daily  or  week¬ 
ly  backups  provides  even  more  benefits — more  reliable 
backups  performed  without  manual  intervention,  freeing 
up  valuable  IT  hours  that  can  be  spent  on  projects  that 
contribute  to  the  bottom  line. 


Progression  into  Automation 


Single/dual  drive  library  or  autoloader 


•  One  or  more  drives,  many  tapes 

•  Excessive  manual  effort 


Benefits; 

•  Higher  capacity  and  performance 

•  Hands-off,  unattended  backup 


1 


I 


learn  More  About 

Sony  AIT  Solutions 


Download  the  free  white  paper  "Doing  More  Through  Automation," 
and  learn  more  about  Sony  storage  solutions. 


Visit  www.nwfusion.eom/sony/AUTOCID2 


■'•’I 


Ca: 

Your  business 
Your  needs. 


Your  choice 


%  ■  ■'  •'-V^K'i 


It's  high  time  someone  in  the  software  industry  started  listening  to  your  needs.  And  standing  up  for  your 
rights.  Like  the  right  to  have  month-to-month  licensing.  And  the  right  to  no  upfront  payments.  That's  why 
we  offer  FlexSelect  Licensing^^  to  all  our  customers.  This  revolutionary  approach  to  licensing  is  based  on 
doing  business  on  your  terms,  not  ours.  So  you  can  have  just  the  software  you  need,  just  when  you  need 
it.  Check  it  out  today.  And  find  out  how  FlexSelect  Licensing  is  raising  more  than  just  eyebrows  in  the 
software  industry.  It's  raising  standards.  ca.com/flexselect 


Introducing  FlexSelect  Licensing®'^ 


Computer  Associates® 


2003  Computer  Associates  International,  Inc.  (CA).  All  rights  reserved. 


